Banking Trojan Served from Opera Browser Homepage

OperaIt would be a good idea to scan your computer for malware if you have the Opera web browser installed & recently visited the browser’s homepage (portal.opera.com).

The advice comes from antivirus firm, Bitdefender following the discovery that the Opera homepage was loading malicious obfuscated scripts that would redirect users to a third-party page housing the infamous BlackHole exploit kit for “at least a few hours” on Wednesday.

Bitdefender says that the exploit code was likely loaded through a third-party advertisement, a practice called “malvertising.”

During their analysis, Bitdefenders found that the BlackHole exploit kit used a PDF file rigged with the CVE-2010-0188 exploit to drop a new Zbot variant, detected as Trojan.Zbot.HXT, onto the affected machine.

The obfuscated script associated with this attack is detected as Trojan.Script.478548.

Opera has since disabled the ads on the browser’s homepage while they investigate what happened.

So far there have not been any reports of infections stemming from this attack.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

This entry was posted in Computer Security, malware, technology and tagged , , , , .
Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

© 2014 Hyphenet, Inc.
1761 Hotel Circle S, Suite 350, San Diego, CA 92108

All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.

Hyphenet IT Security Blog located at 1761 Hotel Circle South, Suite 350 , San Diego, CA . Reviewed by 91 customers rated: 3.8 / 5