Mozilla urges Android users to update their Firefox browsers immediately to version 79, to avoid being hijacked. The company was informed and patched a critical bug in its SSDP component of Firefox browser, which can let an attacker on the same network run a malicious script and forcibly redirect other users to certain websites, potentially phishing links.
Update Your Firefox Browsers Immediately!
Mozilla has bought new features in Android’s Firefox v81 earlier this week. While many users are still running versions older than 79, the maker now urges users to update their browsers to version 79 at least. This is because the version contains a patch for a critical Wi-Fi bug, which can be exploited by hackers to hijack Android Firefox.
— initstring (@init_string) September 15, 2020
As spotted by Chris Moberly, an Australian cybersecurity researcher, the Firefox for Android has a bug in its Simple Service Discovery Protocol (SSDP) component, which can be hacked over a Wi-Fi network. This component lets Android Firefox browsers to find other browsers on the same network, to be able to connect and share files.
This is a more limited version or exclusive to Firefox Android browsers, unlike the Firefox Send which lets users host content and share links of them to others. While this has been discontinued recently, the SSDP connection is exclusive to Android Firefox. This was later explained by ESET researchers that, a hacker on the same network will be able to get the XML file of other Firefox browsers.
This XML file has an “intent” that directs the browser to access a link. And since the old Firefox browsers can hide Android “intent” command in the XML file, it can covertly be hijacked to write the desired link of hacker’s. Thus, forcing the hijacked browsers to open up a page that may contain phishing form, malicious app or others.