=====================================================================

                           CERT-Renater

               Note d'Information No. 2013/VULN272
_____________________________________________________________________

DATE                : 27/06/2013

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Opera.

======================================================================
http://my.opera.com/securitygroup/blog/2013/06/26/opera-infrastructure-attack
______________________________________________________________________

Security breach stopped

Par Sigbjørn VikSigbjorn. mercredi 26 juin 2013 11:02:29

hacking, code signing, Opera

At Opera Software, we are committed to the security and privacy of our
users. This is paramount to us, and as such, we want to share the
details of a recent incident with you.

On June 19th we uncovered, halted and contained a targeted attack on
our internal network infrastructure. Our systems have been cleaned and
there is no evidence of any user data being compromised. We are working
with the relevant authorities to investigate its source and any
potential further extent. We will let you know if there are any
developments.

The current evidence suggests a limited impact. The attackers were able
to obtain at least one old and expired Opera code signing certificate,
which they have used to sign some malware. This has allowed them to
distribute malicious software which incorrectly appears to have been
published by Opera Software, or appears to be the Opera browser.

It is possible that a few thousand Windows users, who were using Opera
between 01.00 and 01.36 UTC on June 19th, may automatically have
received and installed the malicious software. To be on the safe side,
we will roll out a new version of Opera which will use a new code
signing certificate.

Users are strongly urged to update to the latest version of Opera as
soon as it is available, keep all computer software up to date, and to
use a reputable anti-virus product on their computer. For more
information about the malware, including which anti-virus applications
can detect it, virustotal has a good overview.

======================================================================

=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================