Takes one week to notify its users.
Now here is something that is not pleasant for any company or its product(s) users. Opera Software has just informed everyone about a network breach (that was uncovered on June 19th), which has grave consequences for those that were affected.
According to the blog post, attackers have stolen the Opera code signing certificate and used it to sign and distribute some malware distinguished as Opera browser.
The worst part? Thanks to automatic updates, you will never know if your machine was affected so grab the fresh copy of Opera as soon as possible or just switch to another web browser. Who knows, maybe next time they will decide to wait 1 month before notifying anyone.
One of the commenters on the blog post also said that it could affect those who have automatic updates disabled as well but Opera is yet to confirm or deny that.
And it doesn’t even matter if you have updated disabled. Users who had disabled Opera updates would not necessarily be immune, because even with updates disabled the browser still checks periodically for browser.js updates.
Here is a summary by NakedSecurity:
- The network was breached.
- A code-signing key was stolen.
- Malware has been signed with it and circulated.
- At least one infected file was posted on an Opera server.
- That file may have been downloaded and installed by Opera itself.
- Cleanup and remediation has now been done at Opera.
For more details, check the following post.
And yes both Opera 12 and Opera 15 users are affected.
About (Author Profile)
Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.