Opera says hackers pilfered expired code-signing certificate

A few thousand Windows users may have been automatically infected during a 36-minute period

Opera Software said Wednesday hackers pilfered from its internal systems at least one code-signing certificate that was used to sign malicious software.

The Oslo-based company, which makes a mobile and desktop web browser, wrote in a blog post that it believes a few thousand Windows users may have automatically installed malicious software between 01.00 and 01.36 UTC on June 19, the day the attack was detected and halted.

Code-signing certificates are used to cryptographically verify that a piece of software comes from its purported publisher. By using the certificate, it would have appeared to users that the malware was legitimate software from Opera, such as the company's browser.

In its post, Opera included a link to VirusTotal, a website that tests malware samples against security programs to see if the malware is detected. The VirusTotal page shows the SHA256 hash of what is presumably the malware that used the expired code-signing certificate.

At the time of writing, just over half of the 47 security programs listed on VirusTotal that tested the sample detected it. The figure will likely rise as vendors tweak their programs to detect it.

Sigbjørn Vik, an Opera developer and quality assurance engineer, wrote that the certificate was expired, but did not reveal further details. The company said it has since cleaned its systems and that it does not believe user data was lost.

"We are working with the relevant authorities to investigate its source and any potential further extent," Vik wrote.

Opera is planning to release a new version of its browser with a new code-signing certificate, but did not say when it will be available.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags opera softwaresecurity

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?