Opera Says Hackers Pilfered Expired Code-Signing Certificate IDG News Service (06/27/13) Kirk, Jeremy Opera Software says hackers breached its internal systems and swiped at least one code-signing certificate that was used to sign malicious software. The Oslo-based manufacturer of mobile and desktop software believes several thousand Windows users may have automatically installed malware on June 19, the day that attack was spotted and thwarted. By using these code-signing certificates, which cryptographically verify that a piece of software comes from its purported publisher, users would be misled into believing that the malware was legitimate software from Opera. Opera cites a link to VirusTotal, a website that tests malware samples against security programs to see if the malware is spotted. As of late June, slightly more than 50 percent of the 47 security programs listed on VirusTotal that tested the sample spotted it, and Opera says the figure is likely to increase as vendors tweak their programs to detect it. Opera plans to release a new version of its browser with a new code-signing certificate, but does not say when it will be available.
Posted on: Fri, 28 Jun 2013 23:35:32 +0000
Trending Topics
Recently Viewed Topics
© 2015