It was reported by the French version of The Inquirer: it seems that a new malware is spread over the Internet presented like a false Firefox add-on!
Discovered by BitDefender, the anti-virus editor, the malware was named Trojan.PWS.ChromeInject.A. It does not spread by itself and his installed in the local Firefox plugins directory by another malware.
Then, every time, Firefox is started, the malicious code is executed and sniff passwords from major e-Banking websites (like bankofamerica.com, chase.com, halifax-online.co.uk, wachovia.com, paypal.com, e-gold.com, …). Grabbed passwords are send to a Russian IP address.
I didn’t find more relevant information on the BitDefender website…
Here is a reference on BitDefender.fr :
http://www.bitdefender.fr/NW899-fr–BitDefender-detecte-une-nouvelle-methode-de-vol-des-mots-de-passe-sur-Internet.html