At least five exploitable security flaws have been discovered by cryptographers at the Swiss university ETH Zurich in the privacy-focused MEGA cloud storage service. They have issued a warning that these problems could result in “devastating attacks on the confidentiality and integrity of user data in the MEGA cloud.”
A research study from the ETH Zurich team that outlines the security flaws cautions that MEGA has not yet released a full fix for all of the known vulnerabilities. The cryptographers warned: “We demonstrate that MEGA’s system does not defend its customers against a hostile server and provide five separate assaults, which taken together allow for a comprehensive compromise of the confidentiality of user files.
New Zealand-based MEGA positions itself as a secure cloud storage service with “privacy by design” that strives for user-controlled end-to-end encryption.