Fun with Firefox Extensions

Firefox is a very popular browser. Its open designed framework makes it easy to extend the functionality either by changing the core code directly or by creating extension plug-ins that work on multiple OSs. Any installed extension has the same full rights as the browser itself and can do quite some mischief, similar to BHOs in IE. This includes file I/O, network sockets, registry etc. and all that cross platform. An ideal starting point for an attacker, don't you think. Learn what current malware does with FF extensions, how they hide. See how easy it is to create a bot or Trojan as FF extension, making it run inside the browser, cross platform, stealing data etc.