Firefox Send Used to Spread Malware, Mozilla Temporarily Stops the Service
Mozilla suspended the Firefox Send service after it received reports that it was used by bad actors to host and send malware to unsuspecting users.
Firefox Send is a service that lets people upload files and send them to other users in a secure manner. The payload is encrypted on the server, making it difficult for third parties to intercept. While it might be a good service for people looking for privacy, it was also used in nefarious purposes.
It was just a matter of time before malware operators figured out that a trusted online service used to send files, which also features a timeout function for the hosted data, was a great tool to deploy everything from trojans to ransomware.
According to a ZDNet report, security researchers noticed this worrying trend a while ago and kept pestering the company to do something about the situation. Unfortunately, investigations into possible attacks were hampered by the fact that links to the infected files expired by the time a proper analysis could be performed.
One of the features that security experts wanted to see added to Firefox Send was a “Report File” button, but that didn’t happen. But, in a surprise move, Mozilla moved to suspend the service entirely until they could safely provide this service.
We will temporarily take Firefox Send offline while we make improvements to the product,” said Mozilla to ZDNet. “Before relaunching, we will be adding an abuse reporting mechanism to augment the existing Feedback form, and we will require all users wishing to share content using Firefox Send to sign in with a Firefox Account. We are carefully monitoring these developments and looking critically at any additional next steps,” the company explained.
There is no timeline for the service’s return, and all links generated by the service that were still available have been deactivated.
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021