CATEGORIES
home News

Mozilla Issues Urgent Patch To Protect Firefox Users From Ukrainian Data Vampires

by Brandon HillFriday, August 07, 2015, 11:20 AM EDT

If you’re a Firefox user, you should update your browser immediately. Mozilla was informed earlier this week by an astute Firefox user that a Russian news site was was using malicious advertisements to take advantage of an exploit in the browser when installed on Windows and Linux machines.

The exploit takes advantage of a vulnerability in the PDF viewer that is built into the Firefox browser. That also means that the mobile version of Firefox, which doesn’t include the PDF viewer, is not affected. Mac users were also spared from this particular exploit, but Mozilla still suggests that they upgrade Firefox to combat against future mutations of the exploit.

firefox

But for affected versions of Firefox, malicious parties were able to sniff out “sensitive files” on your computer and upload them to a Ukrainian sever. Mozilla describes the modus operandi of the exploit, stating:

On Windows the exploit looked for subversion, s3browser, and Filezilla configurations files, .purple and Psi+ account information, and site configuration files from eight different popular FTP clients. On Linux the exploit goes after the usual global configuration files like /etc/passwd, and then in all the user directories it can access it looks for .bash_history, .mysql_history, .pgsql_history, .ssh configuration files and keys, configuration files for remina, Filezilla, and Psi+, text files with “pass” and “access” in the names, and any shell scripts.

The most interesting part about this whole exploit is that it leaves no trace of its existence on your machine, so you would never know if you were the victim of these data vampires. As a result, Mozilla is asking users to “change any passwords and keys found in the above-mentioned files if you use the associated programs.”

Interestingly enough, Mozilla also says that Firefox users with adblocking software installed were likely protected from the exploit. Regardless of whether you’re a Mac user or use adblocking software, you should still upgrade to Firefox 39.0.3 to be fully protected in the future.

Mozilla was in the news last week when its CEO blasted Microsoft for taking it upon itself to seemingly make Edge the default browser in Windows 10 when upgrading, and making it slightly more difficult to revert back to the previously default browser. Unfortunately for Mozilla, most people were unsympathetic to its outrage and Microsoft of course didn’t issue a response (not that we expected them to).

Tags:  Firefox, Mozilla, exploit, Russia, Hackers, Ukraine
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment