Markets
Share this article

Mozilla Closes Holes That Led to Coinbase Hacks

Hackers used two simple Mozilla vulnerabilities to spear-phish Coinbase employees.

By John Biggs
Updated Sep 13, 2021, 9:21 a.m. Published Jun 24, 2019, 3:30 p.m.
fish hooks phishing

A pair of simple Mozilla vulnerabilities made it easier for hackers to phish Coinbase employees. The exploit, detailed by ZDNet, was a remote code execution attack that could force machines running Firefox to install spyware to capture passwords and other data.

The two vulnerabilities - CVE-2019-11708 and CVE-2019-11707 - first appeared in April 15 and hackers used them to spear-phish Coinbase employees. When they visited sites linked in the email the browser would download a piece of spyware to steal logins and other data.

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

Some detail from the exploit suggests that the bug could escalate privileges outside of the "sandbox" where most Mozilla code runs:

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.

The two vulnerabilities combined to create a perfect storm, allowing hackers to run malware installers instantly. Researchers discovered the exploits on April 15 and they suspect that hackers saw them in Mozilla's Bugzilla bug tracking database and exploited them before they could be patched. The hack did not effect Coinbase users.

Mozilla

is asking users to update their browsers in order close these holes.

Image via Shutterstock.

MozillaNewsHacks

More For You

Protocol Research: GoPlus Security

By CoinDesk Research
Nov 14, 2025
Commissioned byGoPlus
GP Basic Image

What to know:

  • As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
  • GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
  • Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
View Full Report

More For You

Bitcoin's massive underperformance to stocks in Q4 bodes well for January, says K33's Lunde

By Helene Braun, Krisztian Sandor|Edited by Stephen Alpher
2 hours ago
Bulls

After an active morning Tuesday, bitcoin flattened out in afternoon trading around the $87,500 area, up 2% over the past 24 hours.

What to know:

  • Bitcoin held in the $87,500 in U.S. afternoon action on Tuesday, up 2% over the past 24 hours.
  • K33 analyst Vetle Lunde suggested BTC's relative weakness to stocks this quarter could mean rebalancing-led buying once January rolls around.
Read full story