Mozilla is increasing it's efforts to scrutinize user submitted plugins after it had discovered that a Vietnamese language pack on its official add-on page had been infected for months with rogue code. In mid-February the user submitted add-on passed Mozilla's scrutiny because the virus's signature was unknown at the time of testing. According to Wired's Threat Level blog "On Tuesday, a user named Hai-Nam Nguyen reported that anti-virus programs detected the Xorer Trojan inside the add-on. Firefox admins quickly confirmed the presence of the Trojan's code and removed the file the same day." It is unknown how many users actually installed the plugin but Mozilla says 16,667 people had downloaded the add-on since November 2007. The organization now intends to scan all of the user submitted add-ons each time virus definitions are updated, that seems a bit more proactive...
