Mozilla has temporarily suspended its file-sharing service Firefox Send following reports that it was abused by cybercriminals who used the service to distribute malware.
The Firefox maker took down the platform after media outlets reached out to inquire about malware-hosting issues that had been found.
While Firefox Send was initially created back in 2017 as one of Mozilla’s Test Pilot experiments, the company officially launched the service in March of last year. Firefox Send provides users of Mozilla’s browser with the ability to host and share files securely and privately.
All of the files that are uploaded and shared through the service are stored using end-to-end encryption and users can configure how long a file is saved as well as how many times it can be downloaded before it expires.
Distributing malware
Since its launch last year, Firefox Send has seen increased adoption by the malware community whose members use the service to upload malware payloads. Once the malware has been uploaded, hackers share links to it inside emails that are sent out to their targets.
Over the past few months, Firefox Send has been used by cybercriminals to store payloads for a number of different operations including ransomware attacks, financial crime, banking trojans and spyware. Fin7, Sodinokibi and Zloader are just a few of the malware gangs and strains that have used the service to host their payloads. The reason the service has become so popular among cybercriminals is because organizations natively trust Firefox URLs and that it sends encrypted data which makes it harder for malware detection solutions to identify.
For the past few months, security experts have complained about the fact that Firefox Send lacks a “report Abuse” mechanism or a “Report File” button as this would allow them to report malware operations that have abused the platform.
A spokesperson for Mozilla explained to ZDNet that the company will take Firefox Send offline while it improves the product, saying:
“These reports are deeply concerning on multiple levels, and our organization is taking action to address them. We will temporarily take Firefox Send offline while we make improvements to the product. Before relaunching, we will be adding an abuse reporting mechanism to augment the existing Feedback form, and we will require all users wishing to share content using Firefox Send to sign in with a Firefox Account. We are carefully monitoring these developments and looking critically at any additional next steps.”
Via ZDNet
