Google Account Compromised, Malware Shipped In Chrometana 1.1.3

Theo’s personal Google account was compromised and an unofficial “1.1.3” update was shipped for Chrometana. That update included alert10.js, malware that opens popups saying you have a virus. This is horrifying, unexpected, and worst, impossible to prevent. 2FA was active on the account that was compromised.

Because of this compromise and the need to ship a new version, we are now moving Chrometana 2.0 out of beta. There may be bugs! Don’t be shy to open issues on our github!

Edit: There is no virus. The “malware” included in Chrometana opened a popup that brought you to the webpage chromeupdates.top . If you did not download any software from that page onto your computer, you did not install a virus. The update to Chrometana is enough to make it secure again.