Firefox 75.0 - potentially COMPROMISED!
Greg Quinlan
gwq_uk at yahoo.com
Fri Apr 24 11:17:29 UTC 2020
Hi Gecko,
I have been involved with FreeBSD since version 1.0 (the unofficial release - LOL) but not recently ... until the lockdown.
Basically I strongly believe Firefox has been compromised with what looks like a "backdoor".
I recently upgraded all my FreeBSD boxes to 12.1-p3 and packages (pkg update etc) to the latest including Firefox 75.0.
On one of the FreeBSD boxes connected only via WIFI the network became slow, almost unusable. So I installed WireShark, again from the pkg collection and started it monitoring the wlan0 network interface.
With just the Firefox running and https://google.co.uk loaded I see WireShark displaying dozens of WAN IP addresses connecting to my FreeBSD box. Network traffic suddenly went very high, and it seems many of the connections are using TCP ports 66 (??) and 443 (HTTPS).
With Firefox closed the connections disappear. (I think, but am not sure, that one local address remained, i.e. 192.168.1.5 ... it looks like it managed to set up a PPTP with my box.)
What is most disturbing is that after a short period, I saw a local IP address created (192.168.1.5) that appeared to be attached to a WAN address (and my box). I can confirm that the only device connected to the network at the time was my FreeBSD system on 192.168.1.11. This local address (192.168.1.5) was using HTTPS (443) and connecting to numerous other WAN IP addresses. Consistently the same LAN IP 192.168.1.5 <-> WAN 45.60.13.212 and 192.168.1.11 <-> 45.60.13.212.
An IP address location site I tried did not make much sense, as it shows this IP address to be present on different dates in different countries.
I did a "nmap -Pn 45.60.13.212" and just about every TCP/IP service you could think of was open!!
To be absolutely sure, I systematically made sure that every wired and wireless device was switched off, so I am certain! None of my local devices used this address of 192.168.1.5!!
How would you like to proceed? I can demonstrate what is happening or you could try this yourself. (I have had to let the family back on the network before they all went mad - LOL)
Regards
Greg
Ph: +44 1980 731 335
Mb: +44 771 3672 888
ps. I am in the UK, please feel free to call if you want.
pps. I have tried the same thing on a Linux VirtualBox (CentOS 7-1908) and the same thing happens.
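As an added triage example (not code from the original post), this script does mechanically what the poster did by eye in Wireshark: it groups LAN-to-WAN conversations per local address and flags any local address that is not a known device. The input format (tshark-style `ip.src tcp.srcport ip.dst tcp.dstport` fields), the sample lines and the expected-host list are assumptions; 203.0.113.7 is a documentation-range placeholder.

```python
# Added example, not from the original post: per-LAN-host conversation
# summary over constructed tshark-style output, flagging unexpected hosts.
from collections import defaultdict
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")  # assumed local subnet

# Constructed sample lines in "src sport dst dport" form, as produced by
# tshark -T fields -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport
# 192.168.1.11, 192.168.1.5 and 45.60.13.212 are the addresses named in
# the post; 203.0.113.7 is a placeholder from the documentation range.
SAMPLE = """\
192.168.1.11 51234 45.60.13.212 443
45.60.13.212 443 192.168.1.11 51234
192.168.1.5 40001 45.60.13.212 443
192.168.1.5 40002 203.0.113.7 443
192.168.1.11 55555 192.168.1.1 53
"""


def summarise(lines, expected_hosts):
    """Return ({lan_ip: {(wan_ip, wan_port), ...}}, [unexpected lan ips]).

    Only LAN <-> non-LAN flows are counted; LAN-to-LAN traffic (such as
    the DNS line above) is ignored, and the WAN-side port is recorded
    regardless of packet direction so both halves of a flow collapse
    into one (peer, port) entry.
    """
    peers = defaultdict(set)
    for line in lines.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        src, sport = ip_address(parts[0]), int(parts[1])
        dst, dport = ip_address(parts[2]), int(parts[3])
        if src in LAN and dst not in LAN:      # outbound packet
            peers[str(src)].add((str(dst), dport))
        elif dst in LAN and src not in LAN:    # inbound packet
            peers[str(dst)].add((str(src), sport))
    unexpected = sorted(ip for ip in peers if ip not in expected_hosts)
    return dict(peers), unexpected


if __name__ == "__main__":
    peers, unexpected = summarise(SAMPLE, {"192.168.1.11"})
    for lan_ip, remote in sorted(peers.items()):
        print(lan_ip, "->", sorted(remote))
    print("unexpected LAN hosts:", unexpected)
```

A local address that appears here but belongs to no known device is worth matching against the ARP table (`arp -a`) and the box's own interface list before drawing conclusions, since a second address on the same host or a NAT/VPN interface will show up the same way in a capture.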