Trojan Firefox Extension
Anti-virus firms are reporting that a trojan horse that takes the form of a Mozilla Firefox extension has been spotted in the wild. The trojan, which McAfee has named FormSpy and Sophos has dubbed Troj/FireSpy-A, captures information entered into the browser, including, but not limited to, passwords and banking details, and sends them to a remote computer. The trojan comes with a Windows executable that can also record ICQ, POP3, IMAP and FTP passwords. Within Firefox, the trojan pretends to be the legitimate numberedlinks extension.
The good news? This is a windows-only problem, so you Apple nerds and Linux goofs are safe. Feel free to sadly chuckle at the Windows world again. Also, according to the mozillaZine posting, this beastie "does not use any Firefox security flaws to infect computers." It's just a piece of badness that piggy-backs its way onto a system as a consequence of another infection.