Firefox Fault Allowed Hackers to Open Malicious Pages Remotely on Android Phones

Without the need to click on links, install malicious software, or carry out man-in-the-middle ( MitM) attacks, a vulnerability found in Firefox for Android may have been abused to remotely open arbitrary websites on a target user’s computer.

The bug was found in version 68 of Firefox for Android by researcher Chris Moberly. Mozilla was confirmed to announce that the latest Firefox Fenix (starting with version 79) is not affected — the Android version of Firefox jumped from 68 to 79 when Fenix removed the Fennec version.

The flaw is linked to Firefox regularly sending out SSDP discovery messages in search of second-screen gadgets it can cast to, according to Moberly. Any computer which is linked to the same local area network ( LAN) will read these messages.

An attacker connected to the same Wi-Fi network as the targeted user may install a malicious SSDP server which is set up to react with specially designed messages which trigger Firefox to open an arbitrary website.

This is probable because the messages that Firefox broadcasts are searching for an XML file that defines a Common Plug and Play (UPnP) computer that it can cast to, but instead the server of the attacker responds with a message referring to a Firefox-invoked Android Purpose URI.

SEE ALSO:
Vulnerability of Mitsubishi Patches Disclosed at ICS Hacking Contest

The weakness is analogous to RCE (remote command execution) in that a remote attacker (on the same WiFi network) will cause the system to execute unauthorised zero-interaction features from the end user. This execution, however, is not completely random in that only predefined task intents can be named, Moberly explained.

He said, “Had it been used in the wild, other applications might have exploited known-vulnerable motives.” Or it may have been used in a fashion similar to phishing attacks where a malicious website is pushed into the victim without their knowledge in the hopes of entering any personal data or deciding to install a malicious programme. The POC exploit will connect directly to the .xpi file, causing a malicious extension to be enabled immediately to compromise the browser itself.

Technical knowledge and a proof-of – concept (PoC) exploit were published by Moberly. ESET researcher Lukas Stefanko verified that the hack is functioning and posted a video demonstrating how a hacker can simultaneously open arbitrary websites on three phones.

SEE ALSO:
Chinese-Speaking Threat Actor Targeting Microsoft Exchange Vulnerabilities
Leave a Reply
Previous Post
TikTok

Trump Backs Planned Agreement to Keep TikTok Involved in the United States

Next Post
How vpn works?

Simple Ways to Test a VPN’s Security

Related Posts