After receiving reports that cybercriminals were increasingly using Firefox Send to distribute malware, Mozilla took this file-sharing service offline. Find out why the service was commonly used by hackers and what the company is doing to curtail this abuse.
Living up to its promise of putting people’s privacy and security before profits, Mozilla temporarily suspended its free file-sharing service, Firefox Send, on July 7, 2020, due to security concerns. “In light of recent reports of Firefox Send being used to distribute malware, we have decided to temporarily take the service offline,” said Mozilla support staff.
Why Cybercriminals Have Been Using It
Before Firefox Send was shut down, hackers had been increasingly using it to spread ransomware, spyware, and other types of malware. The cybercriminals uploaded a malware file on Firefox Send’s servers and included the file’s download link in business email compromise (BEC), phishing, and other malicious emails. That way, the hackers did not have to build their own file-sharing servers, saving time and effort.
Other reasons why cybercriminals used Firefox Send include:
What Mozilla Is Doing to Deter Cybercriminals
Mozilla has not yet released the improved Firefox Send at the time of this writing. However, the company has noted some of the security improvements it plans to include. For starters, Mozilla will require users to sign in with a Firefox account to send files. That way, cybercriminals cannot hide behind a veil of anonymity. Mozilla also plans to add an abuse reporting mechanism to supplement its existing feedback form. This will make it easier for file recipients and security researchers to flag malicious use of the service.
Besides making security-related improvements, Mozilla plans to add new features and capabilities that will enhance Firefox Send’s usability. The company has not released any details about these enhancements yet. Nor has it released any information about when the improved service will be available for use.