Mozilla Firefox users are this week being urged to update to the latest version after an exploit was found being used in the wild which allowed the scooping up of files from users’ computers via an ad without leaving a trace behind of the hack.
Advertisement
The internet users who use ad-blocking software are safe from this exploit but it depends on the particular software they use for filters.
The vulnerability relates to Mozilla’s PDF viewer, meaning that apps and services without a PDF viewer, such as Firefox for Android on mobile devices are not at risk.
“The exploit leaves no trace it has been run on the local machine”, said Veditz.
On Windows, the malware was looking for some very specific data, including configuration files for several different FTP upload programs including Filezilla, the subversion version control system, S3 Browser, and the PSI Plus and Pidgin chat clients that are popular choices for encrypted, off-the-record messaging.
According to the company, the vulnerability comes from collaboration JavaScript context separation and the browser PDF’s viewer.
The impact on you at home: If you use any of the programs mentioned above, Mozilla advises you to change your passwords and any keys associated with them. Users have been advised to update to the latest version of Firefox. Any file that the victim can read, the attacker can steal.
Mike Thompson, a security expert and director of Linus Information Security Solutions, said maintaining patch levels was the most important general measure users could take to reduce their exposure to these kinds of exploits.
He said that this exploit specifically targets Linux users, perhaps indicative of the hackers’ original targets. The company explains that this is one astonishing malware which is designed for targeting files related to developers which are considered to be served for news websites and it is expected to be deployed on various other websites as well. This applies for all the browser’s users, to avoid potential exploitation brought by the bug.
Adam Winn, senior product manager at OPSWAT told SCMagazineUK.com that the most common malware exploits are often tied to vulnerabilities that were identified years ago.
Advertisement
Although Apple users are not reported for any vulnerability due to this exploit, Mozilla still warns them to stay cautious of the malicious code, which searches and uploads files.
