Compromised Opera Browser May Have Distributed Malware
Opera is not much used like Google Chrome or Mozilla Firefox. But there are still a few people using Opera browser for web surfing. This means any attack breaching the browser security will not effect the majority of web surfers. Just think, if there is any security breach in Google Chrome or Mozilla Firefox.
Yesterday, at Opera blog, they announced a security breach which might have effected a few thousands Opera users. “It is possible that a few thousand Windows users, who were using Opera between 01.00 and 01.36 UTC on June 19th, may automatically have received and installed the malicious software”, said by Sigbjørn Vik.
Now you need to wait for the new release of Opera and there is not indication when it will be available other than the word “we will roll out a new version of Opera which will use a new code signing certificate”.
The Opera breach was discovered on June 19, 2013. There was no announcement for the whole week. Opera user were kept in dark for the whole week. Is this a serious professional business? If these few thousands will also leave Opera, who will use it? I use Opera once or twice in a month. People are already using Chrome and Firefox and so I. I have never seen any company or organization using Opera.
The attackers intruded illegally in Opera servers, they stole at least (they did not tell the maximum) one old and expired Opera code signing certificate which has been used to digitally sign malware. Just a thought, why Opera browser should accept updates if the certificate is expired?
There is nothing about what type of threat could be for Opera user. They did not say a single word about the user information which might have been compromised after getting updates. There is also no indication of Android users whether they were effected or not, though they have just told about Windows users.
I just know that I am not going to use Opera for next two or three months at all.