One of the world’s most popular cloud storage (opens in new tab) Service providers contained several serious vulnerabilities that allowed attackers to read even encrypted (opens in new tab) Files, researchers have found.
A team from ETH Zurich discovered five vulnerabilities on the Mega platform that revolve around stealing and decrypting an RSA key (a private key based on the RSA algorithm).
The team discovered the bugs in late March this year and reported them to the company. Mega soon released patches and fixes for some of the bugs, while patches for others are still in the works. The patches do not impact user experience and do not require users to re-encrypt their stored data, it said. You also don’t have to change passwords or create new keys.
Great for disgruntled employees
While patches not being available for all bugs is certainly bad news, the good news is that Mega hasn’t seen anyone exploit them in the wild, just…