Privacy News File-storage service Mega compromised by hackers

kev216

Level 21
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 6, 2014
1,044
Mega, the cloud storage site originally founded by Kim Dotcom, was hacked this week. Outsiders gained access to part of the site's infrastructure and released source code, and later possibly user details as well. Mega confirmed the hack but says that no user data was compromised.

When the cloud-storage service Mega was launched in January 2013, it branded itself “the privacy company.”

The company’s main focus is to keep the files and other information of its users secure. However, this couldn’t prevent its own systems from being compromised.

This week Mega was hacked by outsiders who gained access to part of the company’s infrastructure. According to the hackers, they have access to roughly two gigabytes of data, some of which they released in public.

“We have been digging into some Mega developers account and started to escalate into their systems. We plan to release all the proprietary source code for public analysis,” the hackers informed TorrentFreak.

“This is around 2 GB of source code, including the Mega Chat source code and other services.”

TorrentFreak reached out to Mega Chairman Stephen Hall, who confirmed the hack.

However, the company denies that any critical data has been compromised. Hall says that the affected systems were quickly patched and notes that the hackers did not gain access to user data.

“One of our contractors working on independent systems to maintain the public material on our blog and the help center has been compromised,” Hall told TF.

“This person did not have access to user data, neither does the person have access to critical source code and so the impact is very low.”

Mega’s chairman is confident that the user data is safe and notes that all files that are uploaded to the site are encrypted before they reach their servers.

The hackers, however, suggest that they do have some user data in hand. They might release partial user data in the future, they say, but don’t plan to release any on short notice.

The hackers will make some source code available and have already released 800 megabytes of data. In addition, they published admin login details in a Pastebin post. According to Mega, this is related to an older system that delivers blog posts, help center content, and translations.

Time will reveal the true scope and severity of the hack, and if it will affect Mega’s system or users.
 

Solarlynx

Level 15
Verified
Top Poster
Well-known
Apr 30, 2012
711
Yep, just encrypt your files before uploading to any cloud. I did it with Mega when I used it (I know Mega encrypts them as well). Some my files left there, I don't care what happens to them as they were encrypted before downloading.
 

Solarlynx

Level 15
Verified
Top Poster
Well-known
Apr 30, 2012
711
I've not come across this one before. I like the fact it uses 7zip to compress the files rather than a proprietary format. Thanks for sharing.

You are welcome!

CryptSync is an open source and its development is maintained. So I think it's worth trying.

I use CryptSync in "Run in background" mode. It syncs files on the fly.
 
Last edited:

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
I agree with Mark, this looks promising " CryptSync "
Thanks Solarlynx for the heads up brother :)
I too use Mega and will continue to, but it is nice to
have an alternative like this one you have made me
aware of.
 
Last edited:

Ana_Filiz

Level 4
Verified
Well-known
Aug 23, 2016
193
Sad news, indeed. Cloud storage is not safe that`s for sure but the best option is to encrypt the files. I`m sure that they (hackers) will find a way to hack even the encrypted files. I prefer to save my encrypted files on external password protected HDDs so that no one can reach them except me.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top