Firefox Vulnerability Was Used For An Attempt to Attack Coinbase

ZDNet reports that a recent Mozilla announcement about updating Firefox due to a vulnerability occurred as a result of a specific attack that was directed at Coinbase and other exchanges. The attack was stopped, all funds safe.

Coinbase discovered the attack on Monday, and then reported to Mozilla about the detection and blocking of the hacking attempt. This is what prompted Mozilla to release a patch for the code and immediately alert all users to upgrade.

Philip MARTIN, a member of the Coinbase security team, is quoted:

"We walked back the entire attack, recovered and reported the 0-day to Firefox, pulled apart the malware and [infrastructure] used in the attack, and are working with various orgs to continue burning down [the] attacker's infrastructure and digging into the attacker involved."

It is important that the software is fixed and Coinbase intercepted the attack before serious problems occur. However, the strange thing in history is that the vulnerability was originally discovered on April 15 by a security researcher from the Google Project Zero team. The article assumes that attackers could learn about its existence in various ways, including insider information from Mozilla.

Image courtesy of Lansweeper