• Home
  • Apps
  • Apps News
  • Mozilla Firefox Fixes Zero Day Exploits That Impacted Coinbase Employees, Mac Users Involved in Cryptocurrency Exchange

Mozilla Firefox Fixes Zero-Day Exploits That Impacted Coinbase Employees, Mac Users Involved in Cryptocurrency Exchange

Mozilla has listed the vulnerabilities as CVE-2019-11707 and CVE-2019-11708.

Share on Facebook Tweet Snapchat Share Reddit Comment
Mozilla Firefox Fixes Zero-Day Exploits That Impacted Coinbase Employees, Mac Users Involved in Cryptocurrency Exchange

Firefox was impacting Coinbase employees through remote code execution and sandbox escape flaws

Highlights
  • Mozilla released Firefox 67.0.3 to fix the remote code execution bug
  • The bug enabled attackers to run malicious code within Firefox
  • Mozilla brought Firefox 67.0.4 to match the sandbox escape issue

Mozilla has patched a couple of zero-day vulnerabilities on Firefox through two separate security updates. While the first zero-day flaw was described as a "remote code execution" vulnerability that enabled remote attackers to run a malicious code within the native process of the Firefox browser, the second one was known as a "sandbox escape" that allowed hackers to execute arbitrary code on the operating system by escaping from Firefox' security sandbox. Some anonymous attackers used the two Firefox security loopholes to plan an attack against Coinbase employees. The issue was confirmed by Coinbase Chief Information Security Officer (CISO) Philip Martin. Separately, one of the patched zero-day vulnerabilities has been found to give backdoor access to Mac machines used for a cryptocurrency exchange.

The remote code execution bug listed as CVE-2019-11707 was first reported by a Google Project Zero researcher. It was patched earlier this week, just before fixing the sandbox escape issue that has been described as CVE-2019-11708. Both flaws notably enabled the attackers to impact the Coinbase staff, which was noted by ZDNet.

"On Monday, Coinbase detected and blocked an attempt by an attacker to leverage the reported zero-day along with a separate zero-day Firefox sandbox escape, to target Coinbase employees," said Coinbase CISO Martin on Twitter. "We walked back the entire attack, recovered, and reported the zero-day to Firefox, pulled apart the malware and infra[structure] used in the attack and are working with various orgs to continue burning down [the] attacker infrastructure and digging into the attacker involved."

Martin added that the attack didn't target customers, though it was aimed at other cryptocurrency organisations as well that were notified.

"We're also releasing a set of IOCs (indicators of compromise) that orgs can use to evaluate their potential exposure," he continued.

The indicators of compromise shared by Martin suggests that attackers would send a spear-phishing email to influence the recipients to visit a webpage that can run a collect personal data stored on Firefox. The attack was notably designed for both Mac and Windows users.

Mozilla brought the Firefox 67.0.3 and Firefox ESR 60.7.1 to fix the initial zero-day bug. Later, it released the Firefox 67.0.4 and Firefox ESR 60.7.2 to patch the second zero-day vulnerability that was associated with the sandbox escape issue and contributed to the Coinbase exploit.

In other news, the remote code execution bug in Firefox that has been listed as CVE-2019-11707 is found to enabled attackers to install a Mac malware. The malware can be installed particularly on machines where a cryptocurrency exchange took place "until fairly recently," macOS security researcher Patrick Wardle pointed out in his blog.

As explained by Ars Technica, the overrides Apple's default security measures, including XProtect and Gatekeeper, to install malicious content on Mac machines through Firefox.

"I do not have direct evidence [Windows users] were targeted as a result of this exploit," independent reverse engineer Vitali Kremez told Ars Technica.

That being said, Windows and Mac both users are highly recommended to install the updated Firefox browser on their computers to avoid uncertain instances.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: Mozilla Firefox, Firefox, Mozilla
Jagmeet Singh Jagmeet Singh writes about consumer technology for Gadgets 360, out of New Delhi. Jagmeet is a senior reporter for Gadgets 360, and has frequently written about apps, computer security, Internet services, and telecom developments. Jagmeet is available on Twitter at @JagmeetS13 or Email at jagmeets@ndtv.com. Please send in your leads and tips. More
YouTube Tests Hiding Comments by Default on Android in India

Related Stories

 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2020. All rights reserved.
Listen to the latest songs, only on JioSaavn.com