If I am in a position to install random shit into Firefox I am also in a position to just modify Firefox, so that doesn't accomplish anything at all except remove functionality from users.
I think I am not understanding your use of the word "target" here, as I would have expected that to be the person being targeted by the malware install, but that person isn't someone who by definition even knows what is going on: it is the attacker who is choosing to install something into Firefox without the express knowledge of the target, and so it is the attacker whom I am noting is able to choose to instead modify Firefox; if the target were making the decision to install the extension then clearly they should be allowed to do whatever they legitimately want to do with their software.