FFOX-00-000024 - Firefox cryptomining protection must be enabled.

Information

The Content Blocking/Tracking Protection feature stops Firefox from loading content from malicious sites. The content might be a script or an image, for example. If a site is on one of the tracker lists that Firefox is set to use, the fingerprinting script (or other tracking script/image) will not be loaded from that site.

Cryptomining scripts use a computer's central processing unit to invisibly mine cryptocurrency.

Solution

Windows group policy:
1. Open the group policy editor tool with 'gpedit.msc'.
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Tracking Protection
Policy Name: Cryptomining
Policy State: Enabled

macOS 'plist' file:
Add the following:
<key>EnableTrackingProtection</key>
<dict>
<key>Cryptomining</key>
<true/>
</dict>

Linux 'policies.json' file:
Add the following in the policies section:
'EnableTrackingProtection': {
'Cryptomining': true
}

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R1_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000381, Rule-ID|SV-251568r807176_rule, STIG-ID|FFOX-00-000024, Vuln-ID|V-251568

Plugin: Windows

Control ID: a43f2ed1af78f176d7170c86b0c4a733ffb0371c83a9b6fd5175e406ee5b40d5