The advertisement on the Android Firefox Zero-Day was discovered by Joshua Cannell, Malware Intelligence Analyst at Malwarebytes, on the exploit database Inj3ct0r.
The Android Firefox Zero-Day Exploit works on Firefox versions 23/24/26 (Nightly) according the Russian hacker. The author included in the advertisement a proof of concept video to show how the hacker exploits the Android Firefox Zero-Day to download and execute a malicious app, just visiting a malicious link only. This last detail on way of infection is considered really concerning due the large number of compromised websites that serve malware to a wide audience of visitors.
The deploy and execution of a malicious app is possible only if users allow installation of Android apps (APKs) from unknown sources, a wrong choice to keep secure the Android mobile.
“The biggest problem in this situation is that Firefox automatically executes certain known files once they’re downloaded, and doesn’t give users an option to disable this. Without some sort of prompt, users have no idea that an external app has just been executed.” states the post.
The exploit could be served by luring victims with social engineering techniques, such as phishing, getting the user to click a compromised link.
Following the POC video waiting for the fixing of the Android Firefox Zero-Day vulnerability, in the video Russian hacker fil9 shows the exploit in action, ‘downloading and installing what appears to be an update for Firefox. However, when the “update” is executed automatically, viewers can see the potential for malicious code to be inserted.’
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.