As reported by ZDNet, Mozilla has temporarily suspended the Firefox Send file-sharing service as the organization investigates reports of abuse from malware operators and while it adds a “Report abuse” button.
The browser maker took down the service today after ZDNet reached out to inquire about Firefox Send’s increasing prevalence in current malware operations. Mozilla launched Firefox Send in March 2019. The service provides secure and private file-hosting and file-sharing capabilities for Firefox users. Despite its name, the service is in reality accessible for anyone accessing the send.firefox.com web portal.
Although other services exist, Firefox is a clear favourite for threat actors for a number of reasons. Benefiting illicit use, Firefox Send encrypts data which reduces the chances of any malware being detected. Download links can also be configured to expire after they have been downloaded a specific number of times, which will hinder incident response efforts.
Firefox URLs are usually trusted within organisations too, which means the standard email spam filters will struggle to detect or block nefarious links. There is also a password feature which helps protect the enclosed from being detected. Any changes to protect companies will be difficult, as although it may seem like they assist criminal hackers, these functions are also beneficial in terms of privacy to the legitimate user too.