Opera says hackers pilfered expired code-signing certificate

A few thousand Windows users may have been automatically infected during a 36-minute period

Opera Software said Wednesday hackers pilfered from its internal systems at least one code-signing certificate that was used to sign malicious software.

The Oslo-based company, which makes a mobile and desktop web browser, wrote in a blog post that it believes a few thousand Windows users may have automatically installed malicious software between 01.00 and 01.36 UTC on June 19, the day the attack was detected and halted.

Code-signing certificates are used to cryptographically verify that a piece of software comes from its purported publisher. By using the certificate, it would have appeared to users that the malware was legitimate software from Opera, such as the company's browser.

In its post, Opera included a link to VirusTotal, a website that tests malware samples against security programs to see if the malware is detected. The VirusTotal page shows the SHA256 hash of what is presumably the malware that used the expired code-signing certificate.

At the time of writing, just over half of the 47 security programs listed on VirusTotal that tested the sample detected it. The figure will likely rise as vendors tweak their programs to detect it.

Sigbjørn Vik, an Opera developer and quality assurance engineer, wrote that the certificate was expired, but did not reveal further details. The company said it has since cleaned its systems and that it does not believe user data was lost.

"We are working with the relevant authorities to investigate its source and any potential further extent," Vik wrote.

Opera is planning to release a new version of its browser with a new code-signing certificate, but did not say when it will be available.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Tags securityopera software

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?