In association with heise online

16 November 2012, 14:17

Opera's web portal reportedly deployed online banking trojan

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Zoom Opera's official portal has since been cleansed

For a brief time, at least a "few hours", users visiting Opera's online portal at were exposed to malware, according to a report from anti-virus specialist Bitdefender. In older versions of Opera, this portal page is set as the default start page, while in recent versions it is easily accessible from the Speed Dial menu that appears when a new tab is opened.

The report says that the exploit code was injected into the Opera page via a third-party ad server. Apparently, the advertisement code created an iFrame in which the criminals embedded an attack page from the Blackhole exploit kit. The injected page then attempted to use a specially crafted PDF document to exploit an old hole in Adobe Reader and infect the system with the ZeuS banking trojan. The malware was hosted on a – probably also hacked – web server in Russia.

An Opera spokesperson told The Register that there is no indication of any user infections. Opera has temporarily suspended its advertising system.

(Uli Ries / crve)

Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit