Scammers to Replace MEGA Extension to Steal Crypto

MEGA is a popular file exchange service; scammers were able to replace its official Google Chrom extension
05 September 2018   2031

The popular file-sharing service MEGA reported a hacker attack. Attackers managed to replace the official Chromme extension of the service and to collect data on users' crypto-currency wallets.

On 4 September 2018 at 14:30 UTC, an unknown attacker uploaded a trojaned version of MEGA's Chrome extension, version 3.39.4, to the Google Chrome webstore. Upon installation or autoupdate, it would ask for elevated permissions (Read and change all your data on the websites you visit) that MEGA's real extension does not require and would (if permissions were granted) exfiltrate credentials for sites including amazon.com, live.com, github.com, google.com (for webstore login), myetherwallet.com, mymonero.com, idex.market and HTTP POST requests to other sites, to a server located in Ukraine. Note that mega.nz credentials were not being exfiltrated.

MEGA Blog

Thus, attackers could get access to the popular cryptocurrency wallets MyEtherWallet and MyMonero. Also, users' funds on the decentralized IDEX exchange are under the thread too.

Representatives of the file sharing company stressed that the fake extension was replaced by a genuine one four hours after the substitution. And an hour later, Google reacted and removed the extension from the Chrome store. Note that at the time of publication, the MEGA extension for Chrome in the official store is still not available.

Earlier it was reported that users of MyEtherWallet, using the free VPN-plugin Hola, could become victims of a hacker attack.

Great Chinese Firewall to Block ETH Explorer

Looks like it's the first time that a blockchain observer (etherscan. io in this case) has become a target for Internet censorship in China
04 December 2019   102

The Great Chinese Firewall, used by the authorities to regulate access to foreign sites, blocked etherscan.io, one of the most popular services for viewing the statistics of the Ethereum network.

According to CoinDesk, as of early December, the portal is not accessible from IP addresses in mainland China. According to the service greatfire.org, blocking has been carried out at least since October 30.

Presumably this is the first time that a blockchain observer has become a target for Internet censorship in China.

This is another instance of friction between the decentralized and immutable technology of blockchain and the tightly controlled, centralized government of China. We should expect additional problems like these in the future as blockchain is integrated further into the Chinese economy and daily life.
 

Matthew Graham

CEO, Sino Global Capital

In his opinion, we should expect similar problems in the future, since the blockchain is increasingly being integrated into the Chinese economy.

It is not known exactly what caused etherscan.io to become blocked.

Last year, it was reported that users encoded censored articles in an Ethereum transaction and shared the hashes of these transactions in the WeChat messenger using etherscan.io.

Some have used this feature to post sensitive messages without the need to worry about the message being blocked or removed, or their identity being exposed. Anyone with a blockchain explorer like Etherscan can view these messages, so it is not surprising that this website has come in the crosshairs of internet censors.
 

Matthew Graham

CEO, Sino Global Capital

The founder of etherscan.io, Matthew Tan, confirmed that the site in China has been blocked "for the past three months." He could not name the exact date and reason for what happened.