Mozilla has suspended its private and free file sharing service after security experts warned it was preferred by hackers as a means of spreading malware used in various attacks.
The qualities of the Firefox Send file-sharing service were appreciated by hackers, who used it in large numbers to deliver their malicious code. In response, Mozilla decided to take it offline entirely while it works on improving it.
Launched in March 2019, Firefox Send is a file-sharing service that provides users with storage space for the large files they want to send. Despite the name, it is not only available to those who use Firefox.
Files stored by Firefox Send are encrypted, and users can choose to automatically destroy them after a number of downloads.
These qualities were also appreciated by hackers, who used it heavily to store malware, ransomware, spyware, banking trojans and other malicious code, which they then referenced in links sent via email or chat apps.
Security experts have observed how Firefox Send is used by hacker groups such as FIN7, REvil, Ursnif and Zloader, and have warned Mozilla.
In an interview with ZDNet today, Colin Hardy, a UK cybersecurity researcher, described several of the features that have drawn malware authors to Firefox Send.
For starters, Hardy said that Firefox URLs are natively trusted within organizations, meaning that email spam filters won’t detect Firefox Send URLs, or even be configured to block them.
Second, cybercrime gangs don’t have to invest any of their own time and financial resources into putting together a file-hosting infrastructure. They can just use Mozilla’s servers.
In a statement, a Mozilla spokesperson said: “These reports are deeply concerning on multiple levels, and our organization is taking action to address them all. We will temporarily take Firefox Send offline while we make improvements to the product.”
The maker of the Firefox browser has decided to suspend the service temporarily until it makes some improvements. With the suspension, the links hackers used to reach code stored for their campaigns were blocked instantly.
“We will temporarily take Firefox Send offline while we make improvements to the product. Before relaunching, we will be adding an abuse reporting mechanism to augment the existing Feedback form, and we will require all users wishing to share content using Firefox Send to sign in with a Firefox Account.”
Among the measures already announced by Mozilla are an abuse-reporting function and a restriction of use to Firefox accounts: only those who have such an account will still be able to send files through Firefox Send.
Mozilla did not provide a timeline for when it plans to relaunch the service. Nevertheless, the company promised that it would make sure all loopholes are fixed.
As of this writing, Firefox Send services and links are all down. This means that any malware that relies on the service is effectively offline as well.