Opera homepage spotted redirecting visitors to Blackhole kit
Posted on 15.11.2012
If you are an Opera user who hasn't changed the browser homepage or has visited Opera's Portal homepage (portal.opera.com) on Wednesday, you might want to check you computer for malware.

According to Bitdefender, the website in question has been redirecting visitors to a page hosting the infamous Blackhole exploit kit for at least a few hours.

But how did that happen?

The portal would load a malicious obfuscated script - most likely via a third-party ad - and it would insert into the page an iframe that loaded malicious content from an external source, and visitors were automatically redirected to another page.

"This malicious page harbors the BlackHole exploit kit (we got served with the sample via a PDF file rigged with the CVE-2010-0188 exploit) that will infect the unlucky user with a freshly-compiled variant of ZBot, detected by Bitdefender as Trojan.Zbot.HXT," shared the researchers.

"The ZBot malware is on a server in Russia which, most probably, has also fallen victim to a hacking attack, allowing unauthorized access via FTP."

The company has luckily offered a simple way of checking whether you have been saddled with this specific malware - just visit its Quickscan website and speedily test your computer.






Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //