A Russian black-hat hacker who goes by the name “fil9” has created a zero-day exploit for Firefox for Android and, more than that, released it into the wild by putting it up for sale on an open exploit market.
According to its creator, the exploit for this zero-day vulnerability in Firefox for Android works on versions 23, 24 and 26 (Nightly) of the browser.
The ad on the open exploit market was spotted by Joshua, a malware intelligence analyst at Malwarebytes. The price for the exploit was as low as $460, which is pretty cheap for a zero-day Android malware.
The Russian hacker also posted a video on YouTube in which he demonstrates the exploit’s capabilities. The malware works by forcing Firefox for Android to download and execute a malicious application when you click on an infected link; that’s all it takes.
The main problem is that a huge number of major websites are constantly hacked and compromised, and their visitors (those using Firefox for Android, obviously) are very vulnerable to this kind of attack.
Joshua explained on his blog what the problem with this kind of exploit is. To quote him:
“The biggest problem in this situation is that Firefox automatically executes certain known files once they’re downloaded, and doesn’t give users an option to disable this. Without some sort of prompt, users have no idea that an external app has just been executed.”
If you’re using Firefox for Android, I recommend switching to Chromium or another browser until Mozilla creates a patch for this vulnerability.