- The exploit forced machines running Firefox to install spyware.
- As per the reports, the bug didn’t affect Coinbase users.
Mozilla has released a Firefox 67.0.4 and Firefox ESR 60.7.2 to patch the vulnerabilities in its browser which allowed hackers to phish Coinbase employees. The exploit forced machines running Firefox to install spyware via remote code execution attack. The spyware was used to capture passwords and other personal data.
The two vulnerabilities named CVE-2019-11708 and CVE-2019-11707, the latter of which was discovered on April 15 by a Google Project Zero researcher who promptly reported it to Mozilla. Mozilla finally fixed the issues after Coinbase’s security team complained about attacks via the vulnerabilities.
The bugs allowed malicious actors to evade the Firefox protected process and execute code on the underlying operating system. In combination, the two bugs caused havoc and allowed hackers to run malware installers instantly. As per reports, the bug didn’t affect Coinbase users.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility.