Bitcoin Forum
Topic: To all Firefox users, UPDATE your browser now before it's too late.
bL4nkcode (OP)
June 19, 2019, 10:56:49 AM
Last edit: June 19, 2019, 02:31:13 PM by bL4nkcode
Merited by suchmoon (4), LoyceV (4), dothebeats (2), Mr. Big (2), bones261 (2), vapourminer (1), pooya87 (1), Lucius (1), Quickseller (1), bitmover (1), DdmrDdmr (1), o_e_l_e_o (1)
 #1

I just saw this article, and though I'm not a Firefox user, to those who are using it: UPDATE your Firefox browser to the latest patch version now.

According to the article, a zero-day flaw was exploited.

It’s not clear exactly what hackers are attempting to gain by actively exploiting this flaw, but stealing cryptocurrency is one guess

A zero day flaw is
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.

Btw, dunno what board I should post this in, so I'll just leave this thread here; feel free to report to a mod to move the thread. moved.
o_e_l_e_o
June 19, 2019, 12:26:43 PM
Last edit: June 19, 2019, 02:08:00 PM by o_e_l_e_o
Merited by suchmoon (4), LoyceV (1)
 #2

More information here: https://www.cybersecurity-help.cz/vdb/SB2019061805?affChecked=1

Quote
A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger a type confusion error and execute arbitrary code on the target system.

An exploitable crash is much worse than it sounds, and it potentially allows an attacker to run arbitrary code on your system. This is a serious issue and you should update immediately.

I think this kind of post should probably go in Beginners and Help since it is not directly crypto related, but a lot of people will want to know about it.
bitmover
June 19, 2019, 12:36:50 PM
 #3

I think this attack could work just if you have cryptocurrencies held in web wallets, right? If no browser is involved in your cryptocurrency operations (like Electrum / Ledger Nano) I see not much of a problem.

I just saw this article, though I'm not a Firefox user but to those who are using it

Just curious, which browser do you use? I think Firefox is the best out there, with better privacy than Chrome (which is almost spyware), and it has a bigger development team than Brave (which is the natural competitor in privacy terms). Maybe the new Edge may look interesting (as it is Chromium based), but it is not stable yet.

I like this website a lot, and Firefox is the top one recommended: https://www.privacytools.io/browsers/

Lucius
June 19, 2019, 12:47:49 PM
 #4

Thanks for the warning ;)

Firefox was my favorite browser for years, but about a month ago they added a new feature to the browser because of which I had to stop using it. What they do, in order to reduce RAM usage, is unload any open page in tabs, so if the user is switching between tabs the page needs to reload every time, which is pretty irritating. I tried to disable that option, which is called "Suspend Idle Tabs", but without success.

We know that Chrome had a similar problem a few months ago; too bad that Firefox did not patch this exploit before hackers discovered it. However, this will not affect too many users; all statistics show that less than 10% are using Firefox.

bL4nkcode (OP)
June 19, 2019, 12:53:55 PM
 #5

I think this kind of post should probably go in Beginner's and Help since it is not directly crypto related, but a lot of people will want to know about it.
Just moved...

Just curious, which browser do you use? I think Firefox is the best out there, with better privacy than Chrome (which is almost spyware), and it has a bigger development team than Brave (which is the natural competitor in privacy terms). Maybe the new Edge may look interesting (as it is Chromium based), but it is not stable yet.
I frequently use Brave for browsing and accessing favorite sites, while I only use Firefox for my work: developing websites. I've never thought of using Edge as of now.
rhomelmabini
June 19, 2019, 01:34:07 PM
 #6

Just updated my Firefox browser to the latest version, 67.0.3. Mine is new, as it had just been installed recently from version 67.0.1, but just to be sure I've updated it to the new one. I've seen this across Telegram channels and groups too, about a possible attack; good thing it has been found by the Coinbase Security Team and Samuel Groß, a security researcher with Google.

@bL4nkcode I know you're Filipino as well. I guess it would be best to post this on our local board too for some notice; I guess some users are using the Firefox browser there too, and the more it is disseminated throughout the forum the better.

o_e_l_e_o
June 19, 2019, 02:13:48 PM
Merited by LoyceV (1), Lucius (1)
 #7

I think this attack could work just if you have cryptocurrencies held in web wallets, right?
No. An exploitable crash allows an attacker to execute code outwith the browser. Your entire system is potentially at risk.

So will Firefox install updates automatically with standard installation or is this something you need to check for updates in settings?
Click Help -> About Firefox. The latest version is currently 67.0.3 (assuming you are not using Beta or Nightly builds). If an update is available, a click box will be present prompting you to download it, and it will then install automatically after you restart Firefox. If you have the latest version already, instead of the click box you will see the words "Firefox is up to date".

What they do, in order to reduce RAM usage, is unload any open page in tabs, so if the user is switching between tabs the page needs to reload every time, which is pretty irritating.
You should be able to disable this by going to about:config, searching for browser.tabs.unloadOnLowMemory, and changing from "true" to "false".
bL4nkcode (OP)
June 19, 2019, 02:23:18 PM
 #8

@bL4nkcode I know you're Filipino as well. I guess it would be best to post this on our local board too for some notice; I guess some users are using the Firefox browser there too, and the more it is disseminated throughout the forum the better.
Thanks for the heads up, never thought of posting it there earlier. Will do that.
naska21
June 19, 2019, 03:40:25 PM
 #9

Well, sandbox your FF or any browser so that you can go about your day feeling safe. The essential point in this case is the lack of menace to your OS on the part of a zero-day exploit (no matter which one it is), therefore your browser can be updated at any time.
LTU_btc
June 19, 2019, 08:03:38 PM
 #10

Thanks for the warning. I have enabled auto updates on Firefox. But now I just checked to be sure that I have the latest version of the browser installed. And I found that I had version 67.0.2; not sure why 67.0.3 wasn't installed until now. So, I just updated it.
I'm not sure, but in recent months I got the impression that various vulnerabilities appear in browsers more often than in the past.

dothebeats
June 19, 2019, 10:00:34 PM
 #11

I have always used FF over Chrome and Edge for banking-related services and browsing that I need for the last few years. Never have encountered a single problem with them. I'm just wondering if I'm at risk considering that I did browse my bank and logged in using FF yesterday? I have already updated to the latest version and just wondering whether online-related services are also exploited. Good thing is I don't store wallets on my online machines, not even once.

hatshepsut93
June 19, 2019, 10:48:45 PM
Merited by vapourminer (1)
 #12

Stuff like this is why crypto users, especially those with serious amounts, should research security on their own. Big wallets should always be cold wallets, and when it's necessary to do some online operations, like trading on an exchange, it's better to have a separate device for that purpose only. So, it's a good idea to grab an old PC or laptop, install the freshest Linux, and use it for online wallets and nothing else - no browsing, no emails, no programs. This way even zero days like this one will be unlikely to hit you, as long as the exchange site is not hacked - but that is something that will always be outside of your control.
pooya87
June 20, 2019, 03:17:52 AM
 #13

usually when you report a vulnerability in an application it is best to include the affected version(s) in your title or the opening post. this helps users reading the board in the future to quickly check their app's version and see if it concerns them or not.
in this case versions below 67.0.3 are vulnerable.

P.S. this is just another case of "cold storage not affected" which shows importance of using it.

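
Added example (not part of any post in this thread): a small inventory check for the cut-off given in posts #7 and #13, where release builds below 67.0.3 are vulnerable. The `Mozilla Firefox X.Y.Z` input format, the host names and the sample inventory are assumptions constructed for illustration; Beta, Nightly and ESR builds are reported as "unknown" because the thread gives no fixed version for them.

```python
import re

# Fixed release version stated in the thread. Other channels are not covered
# there, so they are classified "unknown" instead of being guessed.
FIXED_RELEASE = (67, 0, 3)

# Accepts "Mozilla Firefox 67.0.2", "67.0", "68.0b11", "69.0a1", "60.7.0esr".
_VERSION_RE = re.compile(
    r"(?:Mozilla Firefox\s+)?(\d+)\.(\d+)(?:\.(\d+))?(b\d+|a\d+|esr)?\s*$"
)


def classify(version_string):
    """Return 'patched', 'vulnerable', 'unknown' or 'unparseable'."""
    m = _VERSION_RE.match(version_string.strip())
    if not m:
        return "unparseable"
    major, minor, patch, channel = m.groups()
    if channel:
        # Beta (bN), Nightly (aN) or ESR: no cut-off given in the thread.
        return "unknown"
    # Compare as integer tuples so that 67.0.10 sorts above 67.0.3;
    # a plain string comparison would get that case wrong.
    version = (int(major), int(minor), int(patch or 0))
    return "patched" if version >= FIXED_RELEASE else "vulnerable"


def audit(inventory):
    """Map each host name to the classification of its reported version."""
    return {host: classify(v) for host, v in inventory.items()}


# Constructed sample data: host name -> version string as collected.
SAMPLE_INVENTORY = {
    "ws-01": "Mozilla Firefox 67.0.2",
    "ws-02": "Mozilla Firefox 67.0.3",
    "ws-03": "Mozilla Firefox 67.0.10",
    "ws-04": "Mozilla Firefox 68.0b11",
    "ws-05": "Mozilla Firefox 60.7.0esr",
    "ws-06": "not installed",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```

Hosts reported as "unknown" or "unparseable" need a manual check via Help -> About Firefox, as described in post #7.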
jademaxsuy
June 20, 2019, 03:58:10 AM
 #14

Thank you for the quick alarm, OP. I always use the Firefox browser and I was not aware of this until I read your thread. I am thankful that there are users here and a forum I can rely on, especially in terms of technical aspects. This is why I also always visit this section and the Meta section to follow more updates on cryptocurrency and on the forum.
o_e_l_e_o
June 20, 2019, 10:14:54 AM
 #15

I'm just wondering if I'm at risk considering that I did browse my bank and logged in using FF yesterday?
An "exploitable crash", as this issue was, is just that - a way to crash your browser which results in arbitrary code being run on your machine. If your browser did not crash, then you personally were not attacked. If you have now updated, then it is no longer an issue for you.

wondering whether online-related services are also exploited.
It is possible there are companies or services still using an older version of Firefox who would still be at risk of being attacked, but there is nothing you or I could do about that.

So, it's a good idea to grab an old PC or laptop, install the freshest Linux, and use it for online wallets and nothing else - no browsing, no emails, no programs.
Although that is good advice in general, it wouldn't necessarily have protected against this attack. This attack was via the official (and until recently most up-to-date) version of Firefox. It was used in the wild before being patched. The same kind of issue could arise with any other browser (and indeed, it has), or indeed with any OS or any other software which you use, even official and up to date versions. Having a clean install doesn't guarantee safety.
Lucius
June 20, 2019, 12:54:17 PM
 #16

You should be able to disable this by going to about:config, searching for browser.tabs.unloadOnLowMemory, and changing from "true" to "false".

Thanks for this information :)

I tried some other options in about:config which I found on the internet and which should have fixed this problem, but nothing worked at that time. I will try your advice, but I must say that some other browsers I use now (Brave, Opera and even Chrome) are working much better than Firefox in terms of speed and RAM load. Yet this is just my subjective thinking, and I'm sure personal experience depends on the user's hardware and OS.

Theb
June 20, 2019, 01:23:05 PM
 #17

Reports are already showing that hackers are able to exploit the bug for Remote Control Execution, which lets the hacker gain control of their targeted web servers. Rumors also say that Coinbase might be the direct target of this kind of attack, but there are still no reports of stolen funds from its users or from any websites out there yet.
