View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Firefox malware affects Mac users as well as Windows

Hack used to track paedophiles on ‘hidden Internet’ targeted at Microsoft users but also crashes Macs.

By Joe Curtis

A zero-day exploit that has compromised a service accused of aiding the distribution of child abuse images affects Macs as well as Windows.

Websites using service provider Freedom Hosting to post material have had code added to their pages which could help identify the people visiting them.

The service provider uses Tor to deliver web pages, designed to keep online activity anonymous by hiding it through layers of encryption, but the ‘hidden Internet’ has helped people distribute and view child abuse images without consequence.

The malware targeted Mozilla’s Firefox 17, which is used in the Tor browser, and its code was intended to affect Windows users, sending the user’s IP address to a server in the US, widely suspected to be a law enforcement agency.

Tor immediately advised people to stop using Microsoft’s operating system, but now it has been discovered that the malware is actually cross-platform.

Jerome Segura, malware researcher at Malware Bytes, said that the hack also affects Firefox 17 on Apple computers.

He said: "From our tests, code execution only seems to happen on Windows. [But on Macs] the browser crashes, and even if no actual code execution happened, the possibility is not out of this world."

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Freedom Hosting’s terms and conditions state that illegal activities are not allowed on the sites it supports, but that it is notresponsible for users’ actions.

The malware has raised fears of unintended consequences, including hackers adding its code to their armoury, as well as organisations using it to identify people using Tor’s ‘hidden internet’ for legitimate purposes.


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.