Usually, when we download software from a trusted developer like Mozilla, we are convinced that it contains no viruses or trojans to harm our computers. Surprisingly, that’s not true for Vietnamese language pack for Firefox downloaded after February 18, 2008.
The language pack itself does not carry the virus; instead it has been modified by a virus to remotely load malicious scripts. It’s primarily meant to display advertising, but it could be used for other malicious attacks as well. The virus is a script, so it can potentially harm all operating system. Most antivirus applications will detect the virus as HTML.Xorer.
The add-on has been download around 16000 times since November 2007, but its unknown how many of those downloads came after February 18th. Normally, Mozilla checks for infections when an add-on is uploaded to their site. No subsequent virus scans are performed. Hopefully, Mozilla will take precautions to prevent this from happening in future. The whole issue makes me feel a little insecure about installing add-on for my browser.
[Via: CyberNet]

wrote, on May 9th, 2008
You have now given me some cause to worry about too!
wrote, on May 10th, 2008
Surprising, I must say. I too am not so sure in confidence anymore about some of their add-ons. But I do trust that Mozilla will prevent what they can.
wrote, on May 12th, 2008
Well some days ago, HP Printer Drivers had the same problem !!!
A quick google search will tell you lots !
wrote, on May 12th, 2008
Quakeboy: This really scares me! Imagine, Anitvirus suites packed with these. Warez sites have such practices, but how long before download sites like Download.com or Softpedia get hit.
wrote, on May 15th, 2008
There are more and more 3rd party firefox plugins coming out that you need to watch out for as well. Make sure you download them from FF rather than some 3rd party blog.