Without Lookout on the device, there’s no way for a targeted individual to know this attack is taking place. Whether the attacker is trying to deliver a phishing link or install malware, Lookout will detect and protect against both types of malicious activity.
Lookout will detect outdated versions of the Android Firefox app as part of its default policy that alerts a user if an app on their device has an exploitable vulnerability. The admin can then customize the policy to set a risk level and response that align with their organization’s security policies.
A vulnerability in the Android version of the Firefox mobile app was recently discovered by an independent researcher. For Firefox v68.11.0 and below, there is a vulnerability in the Wi-Fi protocols that could allow an attacker to trigger actions on a victim’s device if the two are connected to the same Wi-Fi network.
By exploiting this vulnerability, the attacker can trigger the device to perform unauthorized functions. Some of these functions require no action by the end user, such as redirecting the Firefox browser to a phishing site. If the attacker wants to convince the target to download a malicious app, they can have the device prompt the user to do so. To create greater impact, the attacker could make this part of a larger exploit chain by using it in combination with other device or app vulnerabilities that the victim is subject to.
In order for this attack to be successful, the target device must have a vulnerable version of the Firefox app installed and be connected to the same Wi-Fi network as the attacker. Since this vulnerability is cause by a lack of input validation for SSDP (Simple Service Delivery Protocol), the threat actor can send a crafted SSDP message to the target device to carry out the attack. Until something executes on the device and a there’s a notification on the target’s device, they wouldn’t know this was all happening.
Without Lookout on the device, there’s no way for a targeted individual to know this attack is taking place. Whether the attacker is trying to deliver a phishing link or install malware, Lookout will detect and protect against both types of malicious activity.
Lookout will detect outdated versions of the Android Firefox app as part of its default policy that alerts a user if an app on their device has an exploitable vulnerability. The admin can then customize the policy to set a risk level and response that align with their organization’s security policies.
September 15, 2023
Scattered Spider, aka UNC3944, was able to successfully target and gain access to the infrastructure of Caesars Entertainment in its latest campaign
September 19, 2023
September 18, 2023