Firefox vulnerability exploit used to attack Tor users

An exploit that works against a wide range of Firefox versions was recently released to the public, security experts announced.

The zero-day vulnerability is being used to run malicious code on computers and devices that have Tor installed, software used to hide one’s location or browsing habits, and possibly on those of a number of other Firefox users as well.

Tor published a post on their website saying, “This is a JavaScript exploit actively used against TorBrowser NOW.” One of Tor’s founders, Roger Dingledine, confirmed the existence of this vulnerability affecting their users.

According to the team of researchers who studied the script, the exploit targets a memory corruption vulnerability and mostly affects Windows users.

Another independent researcher, TheWack0lian, said that the code was almost identical to an older one used to reveal the identities of users who visited a Tor-protected child pornography website. TheWack0lian added that just small parts of the script were changed this time.

The Federal Bureau of Investigation (FBI) eventually admitted to being responsible for that exploit, which was installed on websites that used Freedom Hosting.

The Firefox exploit targeted users who installed Tor, an anonymising program for the Internet.

Another researcher who studied the code, Joshua Yabut, said the exploit targets a “use-after-free” bug and requires JavaScript to be enabled on the vulnerable device. The code is “100% effective for remote code execution on Windows systems,” according to Yabut.

The hackers behind the code were thorough: researchers saw at least 10 versions of it, which indicates extensive testing and development on the hackers’ part.

Mozilla was quick to act on the issue, releasing a patch for the 0-day exploit. They did, however, recommend having an alternative browser and using it whenever possible, or disabling JavaScript on as many sites as possible.

They also recommended that users avoid relying on Tor whenever deanonymising attacks pose a serious threat. Tor users have the option of disabling JavaScript, but doing so goes against the program’s recommended settings.
