In a somewhat scaring discovery, two experimental Firefox add-ons were found to be containing Trojans. The add-ons included version 4.0 of Sothink Web Video Downloader and Master Filer.
Users who installed the infected add-ons would be affected when they restarted Firefox. When a user restarted Firefox the Trojan would be executed and take over the host machine. Version 4.0 of Sothink Web Video Downloader contained Win32.LdPinch.gen, and Master Filer contained Win32.Bifrose.32.Bifrose Trojan.
Both these add-ons have now been disabled by Mozilla, however users who have been using the above add-ons should disable them and run full system virus and spyware scans immediately. The vulnerability is known to affect Firefox on a Windows PC. According to Mozilla, around 5000 users have been affected.
Mozilla has not yet made it clear as to how the infected add-ons made it to the add-ons gallery, however, this is definitely scary and Mozilla should definitely run more checks and Antivirus scans on add-ons that they accept, since millions of people visit the add-ons gallery to find and download new extensions.