Hackers Grab Opera Certificate, 1,000 Users Infected with Password-Stealing Malware
Over a thousand Windows users were infected with password-stealing malware after hackers stole a software-signing certificate from Opera and used it to write malicious code.
Users affected by the cyber-attack automatically installed the Trojan, which posed as coming from Opera’s legitimate software. In the last week, following the attack, Bitdefender detected the malware mostly in the US.
“The current evidence suggests a limited impact,” Sigbjørn Vik, an Opera developer and quality assurance engineer, said in a blog post. “The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware. This has allowed them to distribute malicious software which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser.”
The software company identified and halted the targeted attack on June 19. It also published a link to VirusTotal, where more than half of the antivirus solutions detected the malware at the time of writing.
Opera also announced it’s working with authorities to investigate the source of the cyber-attack and any potential extent of the breach.