Coinbase hacking attempt leads to discovery of Firefox bug
Hackers are taking full advantage of a “zero-day” exploit in Mozilla’s Firefox browser, in the latest scam to target cryptocurrency owners online, ZDNet first reported.
In its latest patch note, Mozilla said they were aware of the exploit being used to scam cryptocurrency users in targeted attacks: “This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.”
Security researcher Samuel Groß is widely attributed as having discovered the vulnerability, which was brought to Mozilla’s attention back in early April.
I don't have any insights into the active exploitation part. I found and then reported the bug on April 15. The first public fix then landed about a week ago (sec fixes are held back until close to the next release): https://t.co/O34f9dou3E https://t.co/K6GfZN1XkH
— Samuel Groß (@5aelo) June 19, 2019
However, the first security patch was only released in the last week, leaving over two months during which crypto users could have been scammed via a targeted crash attack.
Groß told ZDNet that hackers can use the vulnerability for “Remote Control Execution,” effectively giving them full control over a user’s system. In particular, the attacks seem to have focused on users of the Coinbase cryptocurrency exchange.
“However, most likely it can be exploited for [Universal Cross-Site Scripting (UXSS) attacks] which might be enough depending on the attacker’s goals,” the security expert said.
These types of attacks are often associated with the loss of sensitive data, such as usernames, passwords and bank account details.
While there are limited details available about the exact nature of the attacks or the number of victims affected by them, Mozilla has now taken action to prevent others from falling unwittingly into difficulties. On its website, Mozilla urged users to make sure they update their browser with the latest security patch as soon as they can.
1/ A little more context on the Firefox 0-day reports. On Monday, Coinbase detected & blocked an attempt by an attacker to leverage the reported 0-day, along with a separate 0-day firefox sandbox escape, to target Coinbase employees.
— Philip Martin (@SecurityGuyPhil) June 19, 2019
While Mozilla did eventually patch the vulnerability, the case further reaffirms the need for adequate cryptocurrency storage and security.
To receive the latest CoinGeek.com news, special discounts on CoinGeek Conferences and other inside information direct to your inbox, please sign up for our mailing list.