"Internet Explorer, everybody knows, is not very secure. But Firefox is also fairly insecure," said Spiegelmock, who in everyday life works at blog company SixApart. He detailed the flaw, showing a slide that displayed key parts of the attack code needed to exploit it.
he said. "It is impossible to patch."
The hackers claim they know of about 30 unpatched Firefox flaws. They don't plan to disclose them, instead holding on to the bugs.