Hackers say they took Mega.nz source code and admin logins

The hacker group also took credit for swiping half-a-dozen admin accounts, including their login keys used for accessing accounts.
Written by Zack Whittaker, Contributor

A hacker group claims to have obtained source code and admin accounts for the file-sharing site Mega.nz, formerly owned by internet entrepreneur Kim Dotcom.


(Image: file photo)

The hacker group, known as the Amn3s1a Team, told me by email that they had also obtained internal documents from the company's servers, by exploiting an escalation of privilege vulnerability.

In total, there were seven email addresses that are said to be associated with administrative Mega accounts, thought to be the highest-level of access at the service.

According to one of the hackers, the group "got into a few developer boxes and silently started our path from there".

ZDNet obtained a portion of what was allegedly taken: an 800MB archive of source code. Among the code are directories that appear to be relating to Megachat, its instant messenger service, the site's Chrome browser extension, and in one case, a private RSA key.

Asked about motive, the group said that using a tool "that's not completely open source has big disadvantages".

Mega.nz confirmed, but it downplayed the breach.

"One of our contractors working on independent systems to maintain the public material in our blog and the help center has been compromised," said Stephen Hall, chairman of Mega, in an email.

"This person did not have access to user data, neither does the person have access to critical source code and so the impact is very low," he added.

Hall confirmed that the system that was accessed has "been secured" and that user data wasn't compromised.

The hackers also said they took documents from a developer's machine, a claim that Hall denied.

One such document appeared to be an annual remuneration review for one employee (whose name we're not disclosing but was part of the list of admin accounts), which said that the employee would receive a 10 percent pay cut.

Hall confirmed the authenticity of the document but said that it was "personal to a contractor and wasn't obtained from any Mega system".

Founded in 2012, the site became a "piracy haven" for millions of users. The file-sharing site underwent a "hostile takeover" earlier this year, according to reports, and a majority of shares are now in part owned by the New Zealand government, where the company is based, Dotcom said.

Dotcom did not respond to a request for comment prior to publication, but he said in a tweet after this story broke: "If Mega.nz source code leaks I'd like to see a code review by security experts. Wouldn't be surprised if the new Mega owner sold you out."

The hacker group said that it has more to release, but it didn't say when.

"We aren't in a hurry," the group said.

Editorial standards