Opera Update infected

Opera users are advised to immediately update. Attackers got control of an expired code signing certificate and used that certificate to sign malware and deliver it to thousands of Opera users through the browsers automatic updating function. This according to a post on the browser vendor's security blog.

On June 19th, attackers had access to Opera's corporate network between 1am and 1:36am CET. The systems have been cleaned and the company reports no loss of user data. They continue to investigate the attack. Users who had received the malicious update might have installed it automatically and subsequently got infected by the included trojan. A scan with the VirusTotal service reveals that more than half of the anti-virus engines used by the scanner can currently detect the trojan.

A new code signing certificate will be soon released in an updated version of the browser "to be on the safe side".