Mozilla Closes Holes That Led to Coinbase Hacks
Hackers used two simple Mozilla vulnerabilities to spear-phish Coinbase employees.
A pair of simple Mozilla vulnerabilities made it easier for hackers to phish Coinbase employees. The exploit, detailed by ZDNet, was a remote code execution attack that could force machines running Firefox to install spyware to capture passwords and other data.
The two vulnerabilities - CVE-2019-11708 and CVE-2019-11707 - first appeared in April 15 and hackers used them to spear-phish Coinbase employees. When they visited sites linked in the email the browser would download a piece of spyware to steal logins and other data.
Some detail from the exploit suggests that the bug could escalate privileges outside of the "sandbox" where most Mozilla code runs:
STORY CONTINUES BELOW
The two vulnerabilities combined to create a perfect storm, allowing hackers to run malware installers instantly. Researchers discovered the exploits on April 15 and they suspect that hackers saw them in Mozilla's Bugzilla bug tracking database and exploited them before they could be patched. The hack did not effect Coinbase users.
is asking users to update their browsers in order close these holes.
Image via Shutterstock.