So someone developed a malicious plugin to achieve this? Otherwise, I can't imagine how they could bypass the browser to do this.