Is my computer at risk if I continue to use Mozilla’s Firefox?
I really don’t think there’s any risk of this getting out of hand again. Or, at least, that’s what Martin’s statement appears to indicate. As of Thursday, Firefox has not one, but two patches, both aimed at fixing the cryptocurrency exchange issue. Why would you need two?
Yes, I know that every browser has an in-built security sandbox that should, theoretically, be more than capable of containing such fraud attempt, but it would seem that this malware somehow was capable of avoiding detection and detention.
Luckily for us, both issues have been dealt with, which means that Coinbase account holders can continue buying, selling, and stockpiling cryptocurrency without an issue. Well, this is one very happy ending nobody was hoping for, but there’s just one more thing on the plate: how did the malware exactly trigger the browser error in the first place?
As it happens, the viral payload was able to circumvent the usual safeguard through phishing. Yes, the nasty began wreaking havoc in your machine if you were oblivious enough to follow a link found in the body of an email or perhaps a pop-up ad on a spoofed website.
Well, at this point, these are all educated guesses since Firefox was careful enough not to blow the whistle on this little indiscretion.
That’s it for the home front. However, this doesn’t mean that the issue has been dealt with entirely. Patrick Wardle, the Mac cybersecurity think-tank, revealed that the very same issue could also give Mac users a run for their money.
What’s even more daunting is the fact that Mac cybersecurity experts have yet to find a fix for this issue. And, yes, it’s that bad – Wardle admitted that the unpatched gap could compromise machines that are up to date.
Well, this isn’t good news for all those out there who wanted to give Coinbase a try. Of course, this is not the first time hackers have tried to spoof cryptocurrency websites, but it’s still a black ball for Firefox.
So, what’s your take on this whole Coinbase snafu and the company’s hush-hush policy? Hit the comments section and let me know.