After reports of malware abuse, Mozilla temporarily suspends its Firefox Send file-sharing service and adds a new Report Abuse feature.
Firefox Send is a popular file-sharing feature for Mozilla’s flagship browser. It allows users to send and share attachments quickly. However, recent reports revealed that malware creators had abused the feature.
Mozilla’s action came after reports that many malware delivery systems are using Firefox Send. The feature was launched in March 2019, and since then, it is a staple browser feature. According to Mozilla, the feature provides a private and secure mechanism for sharing and hosting files.
Use as malware delivery
There is a crack in Mozilla’s system, which allows malware developers to deliver their payload. Despite Mozilla’s promise of privacy, hackers can access anyone’s files using a web portal.
All user files hosted on Firefox Send are encrypted. Users can also set the various hosting configuration for their files. Users can set the maximum downloads and time before their files are removed from the system.
We stopped advertising on Facebook in 2018, not because we thought our tiny budgets were going to break their bottom line, but to send a message: people come before profits.
So excited to see lots of other companies doing the same. https://t.co/NoXO8Ini4Y
— Firefox 🔥 (@firefox) June 26, 2020
It appears that this particular feature of the file-sharing system is what made it a target for hackers. Based on reports, the payload delivery system used by hackers is virtually the same. Hackers upload their payload into the system, and then the encrypted files are sent to their targets via email.
Since the start of the year, hackers used Firefox Send as their main payload delivery system. Among the reported attacks are ransomware, spyware, Trojans, and other financial crimes. Some of the most prolific hacking groups to use the system are Zloader, Ursnif, REVil, and FIN7.
Resolving the issue
Last month, cybersecurity experts started filing bug reports to Mozilla. The tech company later responded by adding the Report Abuse feature into the system.
Due to the severity of the issue, Mozilla decided to turn off the Firefox Send feature completely. The decision surprised many in the tech community.
In a statement, a Mozilla spokesperson said:
“These reports are deeply concerning on multiple levels, and our organization is taking action to address them all. We will temporarily take Firefox Send offline while we make improvements to the product.”
Mozilla did not provide a timeline when it plans to relaunch the system. Nevertheless, the company promised that it would make sure all loopholes will be fixed.
As of this writing, Firefox Send services and links are all down. This means that any malware that relies on the system are virtually offline as well.
Image courtesy of GatoInterlinguista/Wikimedia Commons