The creator of the popular Firefox web browser, Mozilla, has claimed that the hackers have stolen sensitive security information from the bug tracking tool of Mozilla called the Bugzilla. They used the information that they gained from the bug tracker to attack the Firefox web browser users.
The company was able to find out of this information and quickly shut off the account that the hackers had access to in order to prevent further damage. This information was shared by Mozilla through a blog post. Mozilla said that the hackers might have made use of the information from Bugzilla to further explore a vulnerability that gave them direct access to sensitive information. They would have uploaded the information to a server.
Firefox is the second largest browser that web users use to access the millions of websites offered on the internet. A new version of Mozilla Firefox was launched by the company on August 27. This version fixed all the problem areas that the hackers knew about and might have used this to harm the Firefox browser users.
Bugzilla is an open source tool offered by Mozilla to track the bugs or the flaws that are there in the software. They will be able to track the problems in software that might end up in giving unexpected and incorrect results. Bugzilla is easily accessible for the public, but the security sensitive information is not offered free for everyone to access. It is only offered to certain trusted users.
The attackers were sending in malicious script that was looking out for key files on the machine of the Firefox user and once it was found, it was uploaded to a remote server. It is believed that the server is located in Ukraine. The Bugzilla security practices are being updated in order to prevent future attacks like this.
As soon as Mozilla came to know about the security sensitive information being compromised, it carried out a preliminary investigation of the breach and has notified the relevant law enforcement authorities about their findings.
There is a constant threat from the hackers that is looming large on the internet. This rising cyber security threats and the increasing number of reported incidents of data loss and compromise of sensitive information has driven several governments and companies to strengthen their security software and platforms.
This is a real cause of concern and even biggies like Anthem Inc, one of the largest health insurers in the U.S and Target Corp, a popular retailer, have been victims of data security compromise in the recent years.