Number: IRCNE2013061894
Date: 2013/06/29
According to “computerworld”, Opera Software said Wednesday hackers pilfered from its internal systems at least one code-signing certificate that was used to sign malicious software.
The Oslo-based company, which makes a mobile and desktop web browser, wrote in a blog post that it believes a few thousand Windows users may have automatically installed malicious software between 01.00 and 01.36 UTC on June 19, the day the attack was detected and halted.
Code-signing certificates are used to cryptographically verify that a piece of software comes from its purported publisher. By using the certificate, it would have appeared to users that the malware was legitimate software from Opera, such as the company's browser.
"We are working with the relevant authorities to investigate its source and any potential further extent," Vik wrote.
Opera is planning to release a new version of its browser with a new code-signing certificate, but did not say when it will be available.
- 2