Opera code-signing certificate abused in failed breach

Opera has managed to detect and stop an attack on its internal systems, but not before potentially a few thousand Windows users were put in harm's way.

Opera Software has opened up about a breach it experienced last week that it believes it was able to successfully stop.

Posting on its security blog, the company admitted that on June 19, it discovered an attack on its internal network infrastructure. Although stating that the breach was stopped, the company said that its attackers were able to steal at least one old code-signing certificate, and that this was used to sign malware.

"This has allowed them to distribute malicious software, which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser."

Despite the certificates being old and expired, Opera Software said it is possible that "a few thousand Windows users" could have received and installed malicious software in the 36-minute window that the attack was in effect.

The company is now planning to roll out a new version of its software, which will use a new code-signing certificate.

As for the rest of its systems, it doesn't believe that any user data was compromised, but it is still working with authorities to determine the full extent of the breach.

A similar breach occurred on Adobe's internal infrastructure in September last year, where, over a two-month period, attackers were able to create two malicious files that could masquerade as legitimate Adobe software. The company has since created a new CSO role, and placed its product security head Brad Arkin in it, with specific responsibility for its internal systems.