Popular Web Browser Firefox to Start Blocking Cryptojacking Malware

  • Firefox is set to start blocking cryptocurrency mining malware
  • The move comes as the browser attempts to "give users a voice" when browsing the web.

Firefox, one of the world’s most popular web browsers, is set to start blocking cryptojacking malware by default as part of an anti-tracking initiative meant to improve user experience and enhance the browser’s performance.

Through a blog post, the organization behind the open-source browser revealed it plans on blocking trackers and other harmful practices to “give users a voice.” Some of its new features, per the blog post, are already available in its Firefox Nightly beta version.

The post, written by Mozilla’s vice president of product Nick Nguyen, details how Firefox will mitigate deceptive practices, including fingerprinting (a technique used to “invisibly identify users by their device properties”) and cryptojacking. It reads:

Other sites have deployed cryptomining scripts that silently mine cryptocurrencies on the user’s device. Practices like these make the web a more hostile place to be. Future versions of Firefox will block these practices by default.

Cryptojacking essentially consists of websites adding scripts to their code that let them use their visitors’ CPU resources to mine cryptocurrencies. While some websites ask users to use their CPUs instead of showing them ads, most use them without letting users know.

These scripts often ruin browsing experiences and can physically damage devices if they overheat. Over the past few months, cryptojacking has become a popular trend: McAfee Labs revealed that cryptojacking malware cases increased by 629% in the first quarter of this year.

A study commissioned by Citrix and executed by OnePoll earlier this month revealed that 59% of businesses in the UK have, at some point, been hit with cryptojacking attacks. The trend grew so much that the UK National Cyber Security Centre revealed it is seen as a “significant” threat.

Firefox’s features are set to be tested on its Firefox Nightly beta version, and will be rolled out to a stable Firefox release by default if the company’s approach “performs well.” Firefox is notably one of various browser developers blocking cryptojacking malware and addressing the cryptocurrency space.

As CryptoGlobe covered, Google has recently removed cryptocurrency mining apps from its Play Store, months after removing extensions from Chrome’s web store. Despite the tech giant’s move, several crypto mining apps were still on its app store after the ban.

Opera, a browser that recently introduced a mobile browser for Android with a built-in crypto wallet, rolled out mining script protection for its mobile users in January of this year. The feature was already available on its desktop version by default. Notably, Opera is set to add its built-in cryptocurrency wallet to its desktop browser.

The Brave browser, founded by JavaScript creator and Mozilla co-founder Brendan Eich, also blocks trackers and cryptocurrency mining malware by default. Brave, as covered, recently surpassed 10 million downloads on Google’s Play Store.

MetaMask Has Been Broadcasting Users' Ethereum Addresses to Visited Websites by Default

Popular Ethereum wallet MetaMask has been broadcasting users’ Ethereum wallets to the websites they visit, allowing third parties to see their ETH addresses and potentially link them to their browsing activity.

According to a recently raised GitHub issue, MetaMask has a built-in “privacy mode” that could stop this from happening, but that needs to be manually activated by the user. If it isn’t enabled, it sends websites what are known as “message broadcasts.”

These have raised concerns, as “any advertisement, or tracker” can detect MetaMask users’ Ethereum addresses through them and potentially link the address to users’ browsing activity – compromising anonymity.

The user who created the GitHub issue wrote:

It sacrifices the privacy of everyone in the system because sites like Amazon, Google, PayPal, and others can link your blockchain transactions to credit card payments, thereby your identity, and the identity of the last person you transacted with – a person who wants to remain anonymous.

MetaMask is a popular browser extension that gives users access to decentralized applications (dApps) on the web. It has been installed over a million times on Google Chrome, and is available for Brave, Mozilla Firefox, and Opera.

The Next Web reportedly tested the wallet’s default settings, and managed to confirm third-party trackers may be able to detect these message broadcasts, which can be relayed to ads and trackers “such as Google+ like buttons, Facebook like buttons, Twitter retweeters, etc.”

Lead developer Dan Finlay, responding to the concerned user, revealed enabling privacy mode by default could damage dApps that rely on Ethereum address requests made without it. Finlay explained:

You’re right, we haven’t enabled this by default yet, because it would break previous dapp behavior, and we realized if we add the manual ability for users to ‘log in’ to legacy applications, we can add this privacy feature without breaking older sites.

He noted that while developers need to enable privacy mode by default, it isn’t clear when that will happen. To enable it themselves, users have to go into MetaMask’s settings to toggle the “Privacy Mode” slider.

As CryptoGlobe covered, the popular Ethereum wallet interface announced a mobile app late last year. MetaMask has notably been protecting its users in other ways, as the app blocked a popular dApp called 333ETH, which is widely believed to be a Ponzi scheme.