Opera developers explain why malicious "update" wasn't detected
Posted on 28 June 2013.
Opera Software has finally come out with more details about the recent compromise of its internal infrastructure, the theft of an expired code signing certificate, and the delivery of malware signed with it through the auto-update mechanism to Opera users.

Opera employee Mark 'Tarquin' Wilton-Jones took to the comment section of the original breach notification and shared that:
  • Opera 12 source code was not stolen
  • The malware did not affect the Opera installation itself
  • The certificate used was old and expired, but checking of the certificate is controlled by the OS, not by Opera.
"Unfortunately, not all versions of Windows check the certificate, and some users may have disabled the UAC protection," he noted, adding that in the future it would certainly be possible for them to run their own checks on the certificate of downloaded autoupdates in addition to those imposed by the OS.
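
One way an updater could run its own check on a downloaded package before launching it, along the lines the comment describes. This is an added example, not Opera's code: the helper name `Test-UpdateSignature`, the pinned-thumbprint list and the strict "signer certificate must be in date right now" policy are assumptions, and the values in the usage comment are placeholders.

```powershell
# Added example. Test-UpdateSignature is a hypothetical helper name.
function Test-UpdateSignature {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]   $Path,
        # Thumbprints of the vendor's current signing certificates
        # (assumed to ship inside the updater itself).
        [Parameter(Mandatory)] [string[]] $PinnedThumbprints,
        [datetime] $Now = (Get-Date)
    )

    function New-Result([bool]$Trusted, [string]$Reason) {
        [pscustomobject]@{ Path = $Path; Trusted = $Trusted; Reason = $Reason }
    }

    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    # 1. Signature and chain validation by Windows, invoked explicitly by
    #    the updater instead of depending on UAC or a launch-time prompt.
    if ($sig.Status -ne [System.Management.Automation.SignatureStatus]::Valid) {
        return New-Result $false "Signature status is $($sig.Status)"
    }

    $cert = $sig.SignerCertificate

    # 2. Updater's own check: the signer must be a pinned certificate.
    if ($PinnedThumbprints -notcontains $cert.Thumbprint) {
        return New-Result $false "Unexpected signer $($cert.Thumbprint)"
    }

    # 3. Updater's own check (policy assumed for this example): a freshly
    #    downloaded update must be signed by a certificate that is in date
    #    at check time, even if the signature carries a timestamp.
    if ($Now -lt $cert.NotBefore -or $Now -gt $cert.NotAfter) {
        return New-Result $false "Signer certificate expired $($cert.NotAfter.ToString('u'))"
    }

    New-Result $true 'Signature valid, signer pinned, certificate in date'
}

# Usage (placeholder values):
# $check = Test-UpdateSignature -Path '<downloaded-update.exe>' `
#              -PinnedThumbprints '<CURRENT-SIGNING-CERT-THUMBPRINT>'
# if (-not $check.Trusted) { throw "Update rejected: $($check.Reason)" }
```

Because the pin list and the date check live in the updater, the result does not depend on which Windows version is running or on whether the user has disabled UAC.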

When asked why it took them a week to notify potentially affected users of the breach, Wilton-Jones explained that it took them some time to determine the extent of the attack and what had actually happened. He also noted that they hoped to follow the notification with the release of a new version of Opera, but that they still haven't managed to do so because of technical issues.









