Opera.com hacked, distributed malware signed with their certificate to probably thousand of users

According to a post on the Opera Security Blog, the company suffered on June 19th “a targeted attack on  internal network infrastructure”. The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware. This has allowed them to distribute malicious software which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser.

opera_logo

What Opera is describing here is the nightmare of any company having millions of users:

– Internal network breached

– Signing certificates stolen

Certificates used to sign malware

Can it go worse?

Yes, it can.

– the website distributed automatically company signed malware to their users:

It is possible that a few thousand Windows users, who were using Opera between 01.00 and 01.36 UTC on June 19th, may automatically have received and installed the malicious software.

 

If you are or were using Opera, here is what can you do to make sure your computer is clean:

– Uninstall Opera

– Install any Avira product from here.

– Start the “System Scanner” to scan all your computer on demand

sysscan

– If you see a detection of TR/Ransom.GR.1, then here you go: you’ve been affected. Let the scanner remove all the files found.

– After cleaning up the computer, you may want to reinstall the Opera browser. Do note that there are plenty of alternatives like Firefox, Chrome and others.

 

Sorin Mustaca

IT Security Expert

via Avira – TechBlog http://techblog.avira.com/2013/06/27/opera-com-hacked-distributed-malware-signed-with-their-certificate-to-probably-thousand-of-users/en/


© Copyright 2013 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

Comments are closed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close