Firefox for Android vulnerability allows hackers to hijack device over Wi-Fi
Mozilla has patched a security flaw that could allow cybercriminals to hijack all vulnerable Firefox for Android browsers running on devices connected to the same Wi-Fi network. The vulnerability could be abused to force users to visit websites housing malicious content, which could then be used to execute phishing attacks or to download malware to their devices.
The vulnerability was discovered by Australian security researcher Chris Moberly, who said, “The victim simply has to have the Firefox application running on their phone. They do not need to access any malicious websites or click any malicious links. No attacker-in-the-middle or malicious app installation is required.” Moberly worked with Mozilla to fix the vulnerability with the updated Firefox version.