Mozilla warned Wednesday that a malicious program inserted adware code into a Firefox plug-in that has been downloaded thousands of times over the past three months.
The add-on was a Vietnamese language pack, and though it has been removed from the official Mozilla add-on website, it was undetected until this week.
The Firefox 2 Vietnamese language pack does not actually contain a virus itself, Mozilla learned yesterday upon realizing what was going on. But the malicious payload users did receive was produced by the Xorer virus, which had infected the system of language pack author Jasper Thai.
Because of a virus infection, the Vietnamese language pack for Firefox 2 was polluted with adware, Mozilla security chief Window Snyder said in a blog posting. “Everyone who downloaded the most recent Vietnamese language pack since February 18, 2008 got an infected copy,” she wrote. “Mozilla does virus scans at upload time but the virus scanner did not catch this issue until several months after the upload.”
