[Security Alert] Update Firefox Browser Now as Hackers Exploit a Serious Bug Targeting Major Crypto Exchanges Users

Mozilla has issued a security alert warning that hackers are taking advantage of a serious bug in their Firefox browser, which can be used to take over the entire computer.

The company has warned that crypto owners face the highest level of an imminent attack, the Next Web reports. Firefox users have been asked to patch their browsers.

On Tuesday, Mozilla's security team warned about a critical “type confusion vulnerability” in the Firefox browser when it processes certain Javascript code. The company's security advisory stated:

“This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.”

The company did not divulge more details about the bug. So it still remains mysterious how the hackers have been exactly launching their attacks.

However, since the vulnerability involves processing Javascript, this may mean the bug can be triggered when visiting a malicious website or link.

Security Researchers Discover the Bug

The discovery of the bug was credited to a security researcher attached to Google Project Zero security team, Samuel Groß as well as Coinbase security team.

Groß claimed that he reported the bug about two months ago on April 15. In a tweet, the researcher explained that the initial public fix came about a week ago. He explained:

“I found and then reported the bug on April 15 but the first public fix then landed about a week ago.”

Groß explained that the delay in fixing the vulnerabilities could have been occasioned by need to have the next full release ready for launching as Firefox fixes its flaws by releasing a new version.

As per Groß’s explanation, hackers can exploit the bug for RCE [remote code execution. However, they would be required to meet various conditions. In most instances, RCE allows attackers to wholly take control of a specific web server.

Based on who reported the security flaw, it can safely be assumed that the security flaw was being exploited in attacks aimed at cryptocurrency owners. Groß also indicated that he did not have details about how the zero-day was used, and said that Coinbase Security could offer more details about the in-the-wild attacks. Groß explained further:

“However, most likely it can be exploited for [Universal Cross-Site Scripting (UXSS) attacks] which might be enough depending on the attacker’s goals.”

In most instances, UXSS attacks results to loss of vital data and information like login details, passwords as well as important credentials.

At the moment, there are precise details have been made public on how the bug has been used by unscrupulous individuals.

The US Cybersecurity and Infrastructure Security Agency has also issued an advisory, which warns, an attacker could exploit this vulnerability to take control of an affected system. Mozilla users have been advised to update their browsers to avoid any attack.

Do you think hackers have already exploited the Mozilla bug to steal cryptocurrencies from unsuspecting crypto owners? Let us know in the comments section.

Get Daily Headlines

Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

What to Know More?

Join Our Telegram Group to Receive Live Updates on The Latest Blockchain & Crypto News From Your Favorite Projects

Join Our Telegram

Stay Up to Date!

Join us on Twitter to Get The Latest Trading Signals, Blockchain News, and Daily Communication with Crypto Users!

Join Our Twitter

Add comment

E-mail is already registered on the site. Please use the Login form or enter another.

You entered an incorrect username or password

Sorry, you must be logged in to post a comment.
Bitcoin Exchange Guide