Malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data. The attack stemmed from phishing emails (first detected in late January), targeting several Tibetan organizations. Researchers say the threat campaign, observed in January and February, targeted Tibetan organizations and was tied to TA413, a known advanced persistent threat (APT) group. The group behind this attack aims to gather information on victims by snooping in on their Firefox browser data and Gmail messages, said researchers.
Source: https://threatpost.com/malicious-mozilla-firefox-gmail/164263/