According to antivirus company Kaspersky, Korean distributions for Mozilla and Thunderbird for linux were infected with viruses until removed in the last week.
"This virus searches for executable ELF files in the current and /bin directories and infects them," said the Russian company on its weblog. "When infecting files, it writes itself to the middle of the file, at the end of a section of code, which pushes the other sections lower down."
The virus also contains a backdoor so that the infected machine can be infected further.
The news arrives in a bad week for Mozilla. A Symantec report revealed Mozilla had more confirmed vulnerabilities than any other browser.
The organization hit back, claiming that it patches faster than its rival so can therefore still claim to be the safest.
In July SC reported a server hosting a community site that markets the Mozilla's open-source Firefox browser was hacked, apparently to send spam.