Opera certificate malware posed as an update

By

Stole logins.

An attack against Opera last week which saw a malware signed as a certificate posed as an Opera update.

Opera certificate malware posed as an update

The malware bore the outdated Opera certificate and once executed stole crucial information from FTP clients or file managers including user names, passwords and server names, according to Trend Micro which detected the malware as TSPY_FAREIT.ACU.

Trend Micro said the malware gathered more information from browsers and collected login data to access accounts or even initiate unauthorised transactions.

“They can also profit from these stolen data by selling these to the underground market,” it said.

Opera estimates that several thousands of Windows users are affected as a result of their installed Opera software automatically installing the said malware bearing the outdated certificate. To address this issue, Opera has promised to release a new version of its browser.

It said that the attack last week was achieved after attackers accessed and stole at least one certificate that they used to sign malware.

Opera Software quality assurance Sigbjorn Vik said that the hackers did not compromise any data belonging to users, and that the infection has been neutralised.

Vik also claimed that the certificate was "old and expired", and that for a 36-minute period on 19th June, "a few thousand" Windows users who were running the browser, may have automatically received and installed the malware.

This article originally appeared at scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, UK edition
Tags:
certificatesmalwareoperasecurityupdate

Sponsored Whitepapers

Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Service Over Signatures: The Truth About No Lock-In IT
Service Over Signatures: The Truth About No Lock-In IT
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.

Events

Most Read Articles

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"
SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy
Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?