Details

The Content Blocking/Tracking Protection feature stops Firefox from loading content from malicious sites. The content might be a script or an image, for example. If a site is on one of the tracker lists that Firefox is set to use, the fingerprinting script (or other tracking script/image) will not be loaded from that site.

Cryptomining scripts use a computer’s central processing unit to invisibly mine cryptocurrency.

Solution

Windows group policy:
1. Open the group policy editor tool with ‘gpedit.msc’.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefoxTracking Protection
Policy Name: Cryptomining
Policy State: Enabled

macOS ‘plist’ file:
Add the following:
EnableTrackingProtection

Cryptomining

Linux ‘policies.json’ file:
Add the following in the policies section:
‘EnableTrackingProtection’: {
‘Cryptomining’: true
}

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-7a.
• CAT|II
• CCI|CCI-000381
• Rule-ID|SV-251568r807176_rule
• STIG-ID|FFOX-00-000024
• Vuln-ID|V-251568

Source

• Tenable.com/audits