Opera developers explain why malicious "update" wasn't detected
Posted on 28 June 2013.
Opera Software has finally come out with more details about the recent compromise of its internal infrastructure, the theft of an expired code signing certificate, and the delivery of malware signed with it through the auto-update mechanism to Opera users.

Opera employee Mark 'Tarquin' Wilton-Jones took to the comment section of the original breach notification and shared that:
  • Opera 12 source code was not stolen
  • The malware did not affect the Opera installation itself
  • The certificate used was old and expired, but certificate checking is controlled by the OS, not by Opera
"Unfortunately, not all versions of Windows check the certificate, and some users may have disabled the UAC protection," he noted, adding that in the future it would certainly be possible for them to run their own checks on the certificate of downloaded autoupdates in addition to those imposed by the OS.
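
One way an updater could run its own check on the certificate of a downloaded update, in addition to the check the OS performs, as the comment above suggests. This is an added example, not Opera's code; the function name `Test-UpdateSignature`, the pinned-thumbprint list and the file path are assumptions.

```powershell
# Added example: updater-side signature check, run before a downloaded update is executed.
# Test-UpdateSignature and $PinnedThumbprints are hypothetical names, not Opera's.
function Test-UpdateSignature {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]   $Path,
        [Parameter(Mandatory)] [string[]] $PinnedThumbprints
    )

    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    # 1. Ask Windows for its verdict explicitly instead of relying on a UAC prompt:
    #    anything other than Valid (NotSigned, HashMismatch, NotTrusted, ...) is rejected.
    if ($sig.Status -ne [System.Management.Automation.SignatureStatus]::Valid) {
        Write-Warning "Rejected: signature status is $($sig.Status): $($sig.StatusMessage)"
        return $false
    }

    # 2. Pin the signer: only certificates the vendor currently ships with are accepted,
    #    so a retired certificate that is no longer pinned fails even if its chain is trusted.
    $cert = $sig.SignerCertificate
    if ($PinnedThumbprints -notcontains $cert.Thumbprint) {
        Write-Warning "Rejected: signer $($cert.Subject) [$($cert.Thumbprint)] is not pinned"
        return $false
    }

    # 3. Without a timestamp countersignature there is no evidence the file was signed
    #    while the certificate was valid, so require the certificate to be valid right now.
    $now = Get-Date
    if (-not $sig.TimeStamperCertificate -and
        ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter)) {
        Write-Warning "Rejected: certificate valid $($cert.NotBefore) to $($cert.NotAfter), no timestamp"
        return $false
    }

    return $true
}

# Usage (path and thumbprint are placeholders):
# if (-not (Test-UpdateSignature -Path 'C:\Temp\update.exe' -PinnedThumbprints @('<SHA1-THUMBPRINT>'))) {
#     Remove-Item -LiteralPath 'C:\Temp\update.exe'
# }
```

Because the check runs inside the updater, it applies regardless of the Windows version or whether the user has disabled UAC.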

When asked why it took them a week to notify potentially affected users of the breach, Wilton-Jones explained that it took them some time to determine the extent of the attack and what had actually happened. He also noted that they hoped to follow the notification with the release of a new version of Opera, but that they still haven't managed to do so because of technical issues.










COPYRIGHT 1998-2014 BY HELP NET SECURITY.