Hackers hit storage service Mega
Hackers have managed to penetrate systems of the storage service Mega. The hackers claim, among other things, to have the source code of Megachat and an RSA key. Mega confirms the hack, but calls the impact small.
The hack was committed by Amn3s1a Team, which, among others, informs ZDNet and Torrentfreak about the hack. Through developer accounts and a vulnerability, they managed to extend their administrator privileges. They claim to have obtained 2GB of source code, including the Megachat service for instant messaging. In addition, internal documents and some user data were allegedly stolen. They have since put details about the admin logins on Pastebin and they also threaten to make the source code public.
A Mega spokesperson confirmed the hack, but stated that no access to critical source code and user data was obtained. “One of the companies we hire externally is working on independent systems to track material on our blog. Its help center was hacked,” the spokesperson claims.
Mega was founded in 2013 by Kim DotCom as the successor to file locker service Megaupload. In 2015, DotCom resigned with claims of a hostile takeover. “Hacker with admin access may have posted backdoors, this is a privacy company nightmare”, reports DotCom now on Twitter. He is working on Megaupload 2.0 himself.