When a user visits an "interesting" site, such as an online banking site, the malware captures the user's login info and then sends it along to a remote malicious Web site.
What does all of this really mean? First, it means that people who run PCs -- and especially Windows PCs -- without anti-virus software are playing Russian Roulette with a fully-loaded gun. Of course, Trend Micro, which sells anti-virus software, never misses a chance to make this rather obvious point.
Yet this particular malware report illustrates another very important point.
Almost every Firefox user takes advantage of the hundreds of extensions that third-party developers have created over the years. Used correctly, Firefox extensions are safe, reliable, and so convenient that many people literally cannot stand to browse the Web without them. (Anyone who relies upon extensions such as Adblock, Adblock Plus, and Flashblock knows exactly what I mean.)
By default, Firefox will only allow users to install browser extensions from approved Web sites. And by default, the only approved site on Firefox's list is Mozilla's own secure add-on repository. Before Firefox users can install extensions from any other source, they must explicitly add the new download site to the browser's "approved" list.
It goes without saying that users who give Firefox the green light to install browser extensions from untrusted Web sites don't have anyone but themselves to blame when things go horribly wrong.
Firefox is a fantastic small-business Web browser, and it has earned every bit of its hard-won success. If your company uses Firefox, however, then enforce a very strict, very simple extensions policy: Only allow pre-approved browser extensions, and never install extensions or updates from anywhere except Mozilla's own add-on site. Period.