Top Cryptographers Identify “Catastrophic” Vulnerabilities in MEGA Cloud Storage

14
Top Cryptographers Identify Catastrophic Vulnerabilities in MEGA Cloud Storage

At least five exploitable security flaws have been discovered by cryptographers at the Swiss university ETH Zurich in the privacy-focused MEGA cloud storage service. They have issued a warning that these problems could result in “devastating attacks on the confidentiality and integrity of user data in the MEGA cloud.”

A research study from the ETH Zurich team that outlines the security flaws cautions that MEGA has not yet released a full fix for all of the known vulnerabilities. The cryptographers warned: “We demonstrate that MEGA’s system does not defend its customers against a hostile server and provide five separate assaults, which taken together allow for a comprehensive compromise of the confidentiality of user files.

New Zealand-based MEGA positions itself as a secure cloud storage service with “privacy by design” that strives for user-controlled end-to-end encryption.

Read More: https://www.securityweek.com/top-cryptographers-flag-devastating-flaws-mega-cloud-storage