Popular Web Browser Firefox to Start Blocking Cryptojacking Malware

  • Firefox is set to start blocking cryptocurrency mining malware
  • The moves comes as the browser attempts to "give users a voice" when browsing the web.

Firefox, one of the world’s most popular web browsers, is set to start blocking cryptojacking malware by default in order to improve user experience and enhance its performance, in an anti-tracking initiative.

Through a blog post, the organization behind the open-source browser revealed it plans on blocking trackers and other harmful practices to “give users a voice.” Some of its new features, per the blog post, are already available in its Firefox Nightly beta version.

The post, written by Mozilla’s vice president of product Nick Nguyen, details Firefox will mitigate deceptive practices that include fingerprinting users – a technique used to “invisibly identify users by their device properties” and cryptojacking. It reads:

Other sites have deployed cryptomining scripts that silently mine cryptocurrencies on the user’s device. Practices like these make the web a more hostile place to be. Future versions of Firefox will block these practices by default.

Cryptojacking essentially consists of websites adding scripts to their code that let them use their visitors’ CPU resources to mine cryptocurrencies. While some websites ask users to use their CPUs instead of showing them ads, most use them without letting users know.

These scripts often ruin browsing experiences and can physically damage devices if they overheat. Over the past few months cryptojacking became a popular trend, as McAfee labs revealed cryptojacking malware cases increased by 629% in the first quarter of this year.

A study commissioned by Citrix and executed by OnePoll earlier this month revealed that 59% of businesses in the UK have, at some point, been hit with cryptojacking attacks. The trend grew so much that the Uk National Cyber Security Center revealed it is seen as a “significant” threat.

Firefox’s features are set to be tested on its Firefox Nightly beta version, and will be rolled out to a stable Firefox release by default if the company’s approach “performs well.” Firefox is notably one of various browser developers blocking cryptojacking malware and addressing the cryptocurrency space.

As CryptoGlobe covered Google has recently removed cryptocurrency mining apps from its Play Store, months after removing extensions from Chrome’s web store. Despite the tech giant’s move, several crypto mining apps were still on its app store after the ban.

Opera, a browser that recently introduced a mobile browser for Android with a built-in crypto wallet, rolled out mining script protection for its mobile users in January of this year. The feature was already featured on its desktop version by default. Notably, Opera is set to add its built-in cryptocurrency wallet to its desktop browser.

The Brave browser, founded by JavaScript creator and Mozilla co-founder Brendan Eich, also blocks trackers and cryptocurrency mining malware by default. Brave, as covered, recently surpassed 10 million downloads on Google’s Play store.

Why More Exchanges Need to Adopt the SAFU Fund Model

Phil Carroll is a Blockchain researcher and enthusiast following the market for over 5 years. He has been working as a freelance chain analyzer and as a content writer for whitepapers. In his spare time, he likes to write about topics that involve Bitcoin, Blockchain and cryptocurrencies.

Moons, lambos, HODLers — understanding the language of crypto means knowing your memes. Sometimes, they take on a life of their own. After all, Dogecoin is still going pretty strong more than five years in.

However, the #SAFU meme is one for which several Binance users have reason to be grateful, following the exchange’s recent hack. SAFU stands for Secure Asset Fund for Users, and its existence is the reason these users were able to have their stolen funds quickly reimbursed.

How the #SAFU Meme Became a Real-Life Failsafe for Binance Users

The CEO of Binance, Changpeng Zhao or CZ, used to regularly use the term “funds are safe” to reassure users during outages or routine maintenance work on the exchange servers. In May 2018, a YouTube user called Bizonacci released a video of CZ in which he offered repeated reassurances that “funds are safu” centuries into the future. Once the crypto community got hold of the video, it quickly went viral.

CZ took the joke in the best possible humor, and thereafter started using the phrase “funds are safu.” In July 2018, his company announced that they would be allocating a full ten percent of all trading profits to an actual SAFU, the Secure Asset Fund for Users. The fund would serve as insurance “to offer protection to our users and their funds in extreme cases.”

It was an interesting development, considering that, until recently, CZ was among the few exchange CEOs who could boast that his platform had never been hacked. However, the “extreme case” hit on May 7.

That day, Binance disclosed that it had been hacked in a blog post on the company’s website. It stated that 7,000 BTC (around $40 million at the time of the incident) had been stolen and that the exchange would be conducting a full security review as a result. Most critically, it gave an immediate reassurance to users that the SAFU would do its job and replace the lost funds.

A Refreshing Approach

Perhaps it was obvious that the SAFU should kick in as a result of the theft. After all, there aren’t many other circumstances where it should be needed. However, the communication approach that Binance took in this case was refreshing to see.

At the end of the aforementioned blog post was the statement “In this difficult time, we strive to maintain transparency and would be appreciative of your support.” This was together with a confirmation that CZ would continue with a previously-scheduled Twitter Ask-Me-Anything session later that day, which he went on to do.

The clarity of communication and commitment to refund the stolen BTC led several high-profile names in the crypto community to pledge their support. Tron’s Justin Sun offered to personally deposit 7000 BTC into Binance, and Coinbase committed to blocking deposits of the stolen funds. CZ had politely declined Sun’s offer, stating that the SAFU would cover the loss and that “we are hurt, not broke.”

Meanwhile, At The Other End of the Spectrum

It’s pretty easy to imagine the relief the affected Binance users must have felt at the exchange’s swift response, and to contrast that with the ongoing anguish of users hit by the Cryptopia hack earlier this year. The exchange was down for days before the Twitter account finally issued a confirmation of a security breach. Then nothing for weeks, as the New Zealand police became involved.

Even after that, updates were sporadic, only focused on the resumption of trading, and users were left wondering what was happening with their lost funds. The final kick in the teeth was when the announcement came in early May that liquidators had been appointed.

Although the Cryptopia case is extreme, it underlines how much less stressful dealing with exchanges would be if the SAFU approach were the norm rather than the exception. Although CZ is renowned for his near-constant Twitter presence, his responsiveness is also part of the reason why Binance generally has such a high level of trust within the crypto community. The company’s reaction to the hacking incident has only served to underline that.

Closing Thoughts

In light of the ongoing issues with hacks and thefts, it’s now high time that more exchanges start to adopt an insurance-based approach. Even for those users who don’t store their funds on an exchange, simply using a trading account for any amount of time is becoming a liability. If more exchanges offered a failsafe, the rest would be forced to follow.

Although a lack of regulation is what attracts many crypto enthusiasts, some basic industry standards for protecting exchange users would be no bad thing.