Firefox Exploit Capable of De-anonymizing Tor Users Has Been patched

The Mozilla browser is being used all over the world by millions of users. Unfortunately, as is the case with any browser, a zero-day vulnerability will pop up now and then. The developers addressed this issue rather quickly, as it was capable of unmasking Tor users. For those who are unaware, the Tor Browser uses the Firefox “framework” as its foundation.

Tor Users Were Nearly Unmasked By A Zero Day

When browsing the World Wide Web, it is virtually impossible to remain 100% anonymous at all times. Even though anonymity software and VPN service providers are becoming more popular than ever before,  the programs and tools we use are not infallible. The recent zero-day exploit found in Firefox goes to show how difficult it is to remain anonymous.

This vulnerability was disclosed on Tuesday Night, and it even forced the Tor Project team to issue an emergency patch to their own browser. Firefox engineers then released their updated browser version Wednesday morning, and the exploit has been officially patched. Having the option to unmask Tor users’ real locations is never a positive development for a browser.

Hackers could exploit this vulnerability by tracking users into visiting an online site with customer-tailored web content. Through the use-after-free security hole, they can then execute arbitrary code on the host computer. As one would come to expect, this can lead to all kinds of mayhem, including the installation of remote trojans, malware, ransomware, and keyloggers.




But the most worrisome part was how this exploit collects and forwards both IP and MAC addresses, regardless of tools being used to obfuscate the information. For Tor users, this was a particularly grave concern, as they use their Tor browser to ensure that their real information is hidden from the rest of the world.

Mozilla Security Team’s Daniel Veditz explained it as follows:

“The exploit took advantage of a bug in Firefox to allow the attacker to execute arbitrary code on the targeted system by having the victim load a web page containing malicious JavaScript and SVG code. It used this capability to collect the IP and MAC address of the targeted system and report them back to a central server. While the payload of the exploit would only work on Windows, the vulnerability exists on Mac OS and Linux as well.”

It is possible that this exploit is similar to the tools used by the FBI to de-anonymize Tor users. While it remains to be seen if the exploit itself was created by law enforcement agencies, the loophole has been closed, and this method should no longer be a viable method of attack. It is another excellent example of how government hacking is helping the bad guys more than doing good.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.