Security Surprises On Firefox Quantum
This morning I've found an scaring surprise on my Firefox Quantum. Casually it was connected to a proxy when an unexpected connection came up, the browser was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.
This means two things
1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.
Ubuntu Version:
Firefox Quantum version:
The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip
The zip contains these two files:
3f201a8984d6d765bc81966842294611 libgmpopenh264.so
44aef3cd6b755fa5f6968725b67fd3b8 gmpopenh264.info
The info file:
Name: gmpopenh264
Description: GMP Plugin for OpenH264.
Version: 1.6.0
APIs: encode-video[h264], decode-video[h264]
So there is a remote codec loading system that is unsigned and unencrypted, I think is good to be aware of it.
In this case the shared library is a video decoder, but it would be a vector to distribute malware o spyware massively, or an attack vector for a MITM attacker.
Related news
- Hacking Tools Software
- Hacking Tools And Software
- Bluetooth Hacking Tools Kali
- Best Pentesting Tools 2018
- Hack Website Online Tool
- Hacking Tools For Windows Free Download
- Pentest Tools Download
- Hacker Tools List
- Hack Tool Apk No Root
- Hack Tools Online
- Hack Tools Github
- Pentest Tools For Ubuntu
- Pentest Tools Android
- Android Hack Tools Github
- New Hack Tools
- Pentest Tools Kali Linux
- Hack Tools For Pc
- Hacker Tools Windows
- Hacker Tools Windows
- Hack Tools Pc
- Pentest Tools List
- Github Hacking Tools
- Hacking Tools For Windows Free Download
- Pentest Box Tools Download
- Hacker Techniques Tools And Incident Handling
- Hacker Tools Apk
- Pentest Tools Android
- Blackhat Hacker Tools
- Hacker Tool Kit
- Hack Tools For Ubuntu
- Termux Hacking Tools 2019
- Kik Hack Tools
- Hak5 Tools
- Hack Apps
- Pentest Tools Bluekeep
- Hacker Tools
- Hack Rom Tools
- Hacking Tools Download
- Pentest Tools Website
- Hacker Hardware Tools
- Pentest Tools Nmap
- Game Hacking
- Pentest Reporting Tools
- Hack Tools Download
- Tools Used For Hacking
- Hacking Tools Kit
- Hacking Tools For Windows Free Download
- Hacker Tools Apk
- Top Pentest Tools
- Termux Hacking Tools 2019
- Hack App
- Hacking Tools Kit
- Hacker Tools 2020
- Hack Tools For Ubuntu
- Pentest Tools Windows
- Hacking Tools Online
- Hacking Tools For Pc
- Hackrf Tools
- Hacker Tools Apk Download
- Hack Tools For Ubuntu
- Hack Tools For Mac
- Easy Hack Tools
- Hack Apps
- Hack Apps
- Game Hacking
- Pentest Box Tools Download
- Hack Tools Mac
- Pentest Reporting Tools
- Hacking Tools Free Download
- Hacking Tools Mac
- Hackrf Tools
- Easy Hack Tools
- Hacking Tools 2019
- Best Hacking Tools 2019
- Hack Tool Apk
- Termux Hacking Tools 2019
- Hacking Tools Name
- Top Pentest Tools
- Hacking Tools Windows 10
- Hack Tools For Windows
- Best Hacking Tools 2020
- Best Hacking Tools 2020
- Hacking Tools Github
- Hacker Tools Apk
- Pentest Automation Tools
- Hacking Tools Download
- Hacker Tools Linux
- Physical Pentest Tools
- Hak5 Tools
- Pentest Tools For Mac
- Hacker Tools Online
- Best Pentesting Tools 2018
- Hacking Tools For Beginners
- Bluetooth Hacking Tools Kali
- Hack Tools Online
- Pentest Tools Free
- Hacking Tools For Windows
- Hacking Tools For Windows Free Download
- Hack Website Online Tool
- New Hacker Tools
- What Are Hacking Tools
- Hacker Tools For Windows
- Hack Tools
- Pentest Tools Open Source
- Hack And Tools
- Pentest Tools Framework
- Hack Tool Apk No Root
- Hacking Tools Mac
- Pentest Tools Nmap
- Hacking Tools For Kali Linux
- Hacking Tools For Games
- Kik Hack Tools
- Hacks And Tools
- Beginner Hacker Tools
- Pentest Tools Subdomain
- Hacking Tools Software
- Pentest Automation Tools
- Pentest Tools Download
- Hacker Tools Software
- Hacking Tools Hardware
- How To Make Hacking Tools
- Hack Tools
- Pentest Tools List
- Hack Website Online Tool
- Pentest Tools Bluekeep
- Pentest Reporting Tools
- Hack Tools For Pc
- Hack Tools Download
- Hacker
- Pentest Tools Alternative
- Hacking Tools Kit
- Hack Tools Online
- Hacking Tools Kit
- New Hacker Tools
- Pentest Tools Online
- Game Hacking
- Hacking Tools 2019
- Hack Website Online Tool
- Best Pentesting Tools 2018
- Pentest Automation Tools
- Hacker Tools
- Pentest Tools Bluekeep
- Pentest Tools Android
- Hacking Tools For Windows Free Download
- Hack Tools Online
- Hacking Tools For Windows 7
- Pentest Tools Subdomain
- Hack Website Online Tool
- New Hack Tools
- Hacking Tools For Beginners
- Hack Tools For Pc
- Pentest Tools Kali Linux
- Hacking Tools And Software
- Pentest Tools Open Source
- Hack Tool Apk No Root
- Pentest Tools
- Hack Tools Mac
- Hacking Tools Software
- Hacking Tools Name
- Hack Tools Online
- How To Install Pentest Tools In Ubuntu
- Hacker Tool Kit
- What Are Hacking Tools
- Hack Tools Mac
posted by a Confidential Source @ 8/20/2020
0 comments
0 Comments:
Post a Comment
<< Home