Firefox will soon warn users of software that performs MitM attacks

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
The Firefox browser will soon come with a new security feature that will detect and then warn users when a third-party app is performing a Man-in-the-Middle (MitM) attack by hijacking the user's HTTPS traffic.

The new feature is expected to land in Firefox 66, Firefox's current beta version, scheduled for an official release in mid-March.

The way this feature works is to show a visual error page when, according to a Mozilla help page, "something on your system or network is intercepting your connection and injecting certificates in a way that is not trusted by Firefox."
An error message that reads "MOZILLA_PKIX_ERROR_MITM_DETECTED" will be shown whenever something like the above happens.

The most common situation where this error message may appear is when users are running local software, such as antivirus products or web-dev tools that replace legitimate website TLS certificates with their own in order to scan for malware inside HTTPS traffic or to debug encrypted traffic.

Another scenario, also quite common, is when a user's computer gets infected with malware that attempts to intercept HTTPS traffic by installing untrusted certificates.

A third scenario would be when an ISP or a malicious user on the same network is also hijacking the user's internet traffic, and replacing certificates in order to spy on the user's HTTPS traffic.

The new MitM error page aims to serve as an early warning sign that something is wrong and that a deeper investigation may be needed.

This Mozilla support page comes with various recommendations for each situation and how to configure various antivirus products.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top