Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Opera users–please take care

June 27th 2013 in Uncategorized

Cite: http://my.opera.com/securitygroup/blog/2013/06/26/opera-infrastructure-attack

Here’s the important bit:

“The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware. This has allowed them to distribute malicious software which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser.
It is possible that a few thousand Windows users, who were using Opera between 01.00 and 01.36 UTC on June 19th, may automatically have received and installed the malicious software. To be on the safe side, we will roll out a new version of Opera which will use a new code signing certificate.”

Now, here’s the thing, that new version of Opera may not have an impact on the malware that was installed, if you happen to have been a victim.  That being said, as the good people at Sophos pointed out, “The good news is that the malware involved is widely detected by anti-virus tools, and the period of possible exposure via Opera itself was at most 36 minutes.”
Cite: http://nakedsecurity.sophos.com/2013/06/27/opera-breached-certificate-stolen/

So if you use Opera, give your system a full scan, and do another one every time your AV updates for the next week or so (if you don’t do so already).

There’s not much any of us can do to protect ourselves from incidents like this, unfortunately 🙁

Comments are closed.

People… we’re seeing topihost.com getting into ad traffic.  Be alert. Shares IP with motserv.com and intorav.com and omastat.com Also gigaslot.cc (lists its address as “200, korkeiw, street das funky mate,  30”)

Previous Entry

URL: http://www.ftc.gov/opa/2013/07/coppa.shtm “The revised COPPA rule addresses changes in the way children use and access the Internet, including the increased use of mobile devices and social networking. The modified rule,approved by the Commission in December 2012, widens the definition of children’s personal information to include persistent identifiers such as cookies that track a child’s […]

Next Entry