The recently reported Firefox’s zero-day flaw was used by hackers to attack Coinbase employees on June 17.
The recent Firefox’s zero-day security flaw was used in attacks against major crypto exchange and wallet service Coinbase, according to a tweet from Coinbase security researcher Philip Martin posted on June 20.
As Martin found, the reported critical zero-day vulnerability in Mozilla’s Firefox web browser, which was announced on June 18, has actually emerged along with another zero-day flaw that targeted Coinbase employees, meaning that there were two separate Firefox zero-day attacks.
The Coinbase security expert tweeted:
“On Monday, Coinbase detected & blocked an attempt by an attacker to leverage the reported 0-day, along with a separate 0-day firefox sandbox escape, to target Coinbase employees.”
Martin continued that Coinbase was not the only crypto-related company targeted in the campaign, adding that the firm is working to report other businesses that they believe were also targeted. He emphasized that the company’s security team has seen “no evidence” that the exploit targeted Coinbase customers.
Coinbase Security first reported on the security flaw along with Samuel Groß, security researcher with Google Project Zero’s security team, who argued that he first reported the bug to Mozilla on April 15, 2019.
Following these reports, Mozilla released security updates for its browser, admitting that the company is “aware of targeted attacks in the wild abusing this flaw.”
Specifically, Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to fix the reported zero-day flaw tracked as CVE-2019-11707, describing it as a “confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop.”
Recently, crypto enthusiast John McAfee’s crypto trading platform suffered a denial of service (DOS) attack by hackers immediately after its launch.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.