This technique is called "sidejacking". It works by piggy-backing a user's cookies. I've seen programs and setups to do it before but I wouldn't have imagined that a Firefox addon would be made to do it. This addon is very thorough, a sweet tool for wardrivers.
Holy crap, that's a lot more phones than I last read.
And the Mariposa botnet isn't completely out of the picture. It may be old, but it's still a possible threat, especially if someone has access to phone cards.