Mozilla has temporarily suspended its Firefox Send file transfer service after cyber-security professionals reported several instances of abuse by organized malware operators. The organization confirmed the development to ZDNet on Tuesday. According to a Mozilla spokesperson, the service will add a abuse-reporting mechanism before it goes live again.
The developments follow persistent complaints from cyber-security experts, who claim that the service was being used to store payloads for all sorts of cyber-crime. That includes ransomware, banking trojans and spyware used to target human rights activists. In most cases, the modus operandi for these malware authors was the same. They uploaded their malicious payloads on Firefox Send, which stored these files in an encrypted format. Hackers then send those links via emails to their unsuspecting victims.
Originally announced in 2017, Mozilla’s privacy-focused, free, encrypted file transfer service, ‘Firefox Send’, was finally available for all users in March, 2019. It allows users to share files of up to 1GB without requiring any sign-in. However, Mozilla account holders can share files of up to 2.5GB in size. The service is completely free and requires only an e-mail ID and password. As with everything Mozilla, Firefox Send is also ‘Private by Design’. It comes with full encryption to ensure safety and privacy of users.