Malware researchers at BitDefender are reporting on a newly discovered malware (Trojan.PWS.ChromeInject.B) that when once dropped in Firefox's add-ons directory starts operating as such, and attempts to steal accounting data from a predefined list of over a hundred E-banking sites. Once the accounting data is obtained, it's forwarded to a free web space hosting provider in Russia. Earlier this year, a more severe incident took place when the Vietnamese Language Pack hosted at Mozilla's official list was infected with malware.
Despite the novel approach used, the malware would have made a huge impact if it were released several years ago when E-banking authentication was still in its infancy since plain simple keylogging is one part of the session hijacking tactics used. And while they will indeed obtain the accounting data, this is no longer sufficient for a successful compromise of a bank account. In comparison, the techniques used by sophisticated crimeware like Zeus, Sinowal and Wsnpoem undermine the majority of two-factor authentication mechanisms used by E-banking providers, since once you start doing E-banking from a compromised environment nothing's really what it seems to be anymore.