On Wednesday, June 26, Opera announced that on June 19 company’s internal networks were attacked. As the result, attackers managed to steal at least one old and expired Opera code signing certificate.
“Our systems have been cleaned and there is no evidence of any user data being compromised. We are working with the relevant authorities to investigate its source and any potential further extent. We will let you know if there are any developments,” states blog.
The company warned that on June 19 between 1:00 and 01:36 UTC a few thousand users of Opera for Windows were able to automatically download and install malicious software signed by Opera Software.
So far, malware was removed from the company servers and law enforcement agencies started an investigation. Opera Software strongly recommends that users update the Opera browser.
“Users are strongly urged to update to the latest version of Opera as soon as it is available, keep all computer software up to date, and to use a reputable anti-virus product on their computer.”
More detailed description of the malware may be found here.