Munk School of Global Affairs at the University of Toronto uncovered the use of FinSpy in attacks alleged to have been carried out by the Malaysian and Bahraini governments. The spyware is embedded in a document masquerading as a copy of the Firefox Web browser. Researchers say the spyware not only tricks users into downloading the program, but that it is related to Mozilla and Firefox, giving it an air of trustworthiness. Mozilla has sent a cease-and-desist letter to Gamma International, the UK and German makers of FinFisher spyware kit.
Source: https://threatpost.com/mozilla-fights-back-after-finspy-found-masquerading-as-firefox/100068/