Security Report: Session Hijacking via BeEF Exploit & Token Theft

  • 2 replies
  • 2 have this problem
  • 3 views
  • Last reply by Vaibhav Ji

Dear Mozilla Support Team,

I am writing to report a significant security breach involving my Firefox browser that resulted in session hijacking (my Firefox developer browser email was [email removed]@gmail.com; in a panic I logged out from my account and reset the laptop, and now I don't have access to the data) and the compromise of multiple high-value accounts (Discord, Rockstar, and Telegram).

Incident Details:

  • Date of Incident: February 2026
  • Primary Exploit Identified: BeEF (Browser Exploitation Framework)
  • OS: Windows 11
  • Symptoms: allowing an unauthorized party identified as operating from an IP in Vietnam to bypass 2FA by stealing active session tokens.

Despite having security measures in place, the attacker successfully:

  • Accessed my saved Google passwords.
  • Reset my Rockstar Games and Discord account passwords.
  • Gained access to my Telegram account (which has since been deleted).

Technical Observations: Standard scans with Windows Defender and Malwarebytes did not immediately detect the "infostealer" responsible, suggesting the use of "Living-off-the-Land" (LotL) scripts or a sophisticated browser-based hook that persisted even after clearing basic cache.

I am reporting this to help Mozilla investigate how Firefox's cookie storage and session management can be further hardened against BeEF-style hooks and unauthorized token extraction.


Modified by Denys

All Replies (2)

Hi,

Could you please share more details about what happened in Firefox? Are you saying that a third-party website managed to access other unrelated third-party websites' cookies without any specific permissions? If so, do you have any evidence of that?

Look, I’m not a tech expert, but the pattern is pretty clear. I have 6 email accounts, but only the 2 that were logged into Firefox got hacked. The other 4 are totally fine. My Instagram was also hijacked; I used it on Firefox so I wouldn't have to log in every time. The other Instagram account on my phone is perfectly safe. Same thing happened with my Steam account that was active in the browser. I’m not blaming Firefox itself, I probably clicked a bad link, but it’s obvious that whoever got in only took the things that were 'open' or 'saved' inside my browser. If they had my whole computer or my phone, they would have taken everything. The fact that they only got my Firefox-related accounts is the proof.
