 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.813790 |
| Category: | Malware |
| Title: | Google Chrome MEGA Extension Trojan - Linux |
| Summary: | Detection of a trojaned MEGA extension for Google Chrome. |
| Description: | Summary: Detection of a trojaned MEGA extension for Google Chrome. Vulnerability Insight: The flaw exists as a trojaned version of MEGA extension was available in the Google Chrome webstore for installation and update. Vulnerability Impact: Upon installation or auto update to trojaned version, extension would exfiltrate credentials for sites including amazon.com, live.com, github.com, google.com (or webstore login), myetherwallet.com, mymonero.com, idex.market and HTTP POST requests to any other sites. Then it will send them to a server located in Ukraine. Affected Software/OS: MEGA extension version 3.39.4 for Chrome. Solution: Update to MEGA extension version 3.39.5 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Copyright | Copyright (C) 2018 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |