The Opera browser fixes a major security hole that could have exposed your information



October 30, 2024Ravi Lakshmanan Browser Security / Vulnerability


A now-fixed security flaw in the Opera web browser could have allowed a malicious extension to gain unauthorized full access to private APIs.

The attack, codenamed CrossBarking, could have enabled actions such as capturing screenshots, changing browser settings, and account theft, Guardio Labs said.

To demonstrate the problem, the company said it managed to publish a seemingly harmless browser extension to the Chrome Web Store, which could then exploit the flaw when installed in Opera, making it an instance of a cross-browser-store attack.

“This case study not only highlights the perennial clash between performance and security, but also provides a fascinating look at the tactics used by today’s threat actors that operate just below the radar,” Nati Tal, Head of Guardio Labs, said in a report shared with The Hacker News.

Opera addressed the problem as of September 24, 2024, following responsible disclosure. However, this is not the first time security flaws have been identified in the browser.

Earlier in January of this year, details emerged of a vulnerability tracked as MyFlaw, which uses a legitimate feature called My Flow to execute any file on the underlying operating system.

The latest attack technique is based on the fact that several public subdomains owned by Opera have privileged access to private APIs built into the browser. These domains are used to support specific Opera features such as Opera Wallet, Pinboard and others, as well as those used in internal development.

Some of these domains, which also include certain third-party domains, are listed below:

  • crypto-corner.op-test.net
  • op-test.net
  • gxc.gg
  • opera.atlassian.net
  • pinboard.opera.com
  • instagram.com
  • yandex.com

While sandboxing ensures that the browser context remains isolated from the rest of the operating system, Guardio's research found that content scripts present in a browser extension can be used to inject malicious JavaScript into the overly permissive domains and gain access to the private APIs.

“The content script does have access to the DOM (Document Object Model),” Tal explained. “This includes being able to change it dynamically, in particular by adding new elements.”

Armed with this access, an attacker can take screenshots of all open tabs, extract session cookies to hijack accounts, and even change a browser’s DNS-over-HTTPS (DoH) settings to resolve domains through a DNS server controlled by the attacker.

This could then set the stage for powerful adversary-in-the-middle (AitM) attacks, in which victims who attempt to visit bank or social networking sites are redirected to their malicious counterparts.

For its part, the malicious extension could have been published as something harmless in any of the add-on catalogs, including the Google Chrome Web Store, where users could download and add it to their browsers, effectively triggering the attack. However, the extension requires permission to run JavaScript on any web page, particularly on the domains that have access to the private APIs.
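The permission requirement above is something a defender can check for before an extension is allowed onto managed browsers. The following is an added example, not code from Guardio Labs or Opera: it reads an extension manifest and reports which script-injection patterns cover the domains listed in this article. The function names and the two sample manifests are constructed for illustration, and the match-pattern handling is simplified (it ignores `exclude_matches`).

```javascript
// Added example (not Guardio's or Opera's code). Domain list is the one quoted in
// the article; the two manifests at the bottom are constructed samples.
const PRIVILEGED_DOMAINS = [
  "crypto-corner.op-test.net", "op-test.net", "gxc.gg", "opera.atlassian.net",
  "pinboard.opera.com", "instagram.com", "yandex.com",
];

// True if a Chrome-style match pattern (<scheme>://<host>/<path>) can apply to
// pages on `domain`. The path is ignored on purpose: the article describes the
// privilege as granted per domain, so any page on it counts.
function patternCoversHost(pattern, domain) {
  if (pattern === "<all_urls>") return true;
  const m = /^(\*|https?):\/\/([^/]+)\/.*$/.exec(pattern);
  if (!m) return false; // other schemes (file, ftp) or malformed patterns
  const host = m[2];
  if (host === "*") return true;
  if (host.startsWith("*.")) {
    const base = host.slice(2);
    return domain === base || domain.endsWith("." + base);
  }
  return domain === host;
}

// Collect every pattern that lets the extension run script on a page: declared
// content scripts, plus host permissions (usable for programmatic injection).
function auditManifest(manifest) {
  const patterns = [];
  for (const cs of manifest.content_scripts || [])
    for (const p of cs.matches || []) patterns.push(["content_scripts", p]);
  const perms = [...(manifest.host_permissions || []), ...(manifest.permissions || [])];
  for (const p of perms)
    if (p === "<all_urls>" || String(p).includes("://")) patterns.push(["host_permission", p]);
  return patterns
    .map(([source, pattern]) => ({
      source, pattern,
      domains: PRIVILEGED_DOMAINS.filter((d) => patternCoversHost(pattern, d)),
    }))
    .filter((f) => f.domains.length > 0);
}

const SAMPLE_BROAD = { name: "constructed-sample-a", manifest_version: 3,
  content_scripts: [{ matches: ["*://*/*"], js: ["content.js"] }] };
const SAMPLE_SCOPED = { name: "constructed-sample-b", manifest_version: 3,
  permissions: ["storage"], host_permissions: ["https://*.example.org/*"],
  content_scripts: [{ matches: ["https://*.opera.com/*"], js: ["content.js"] }] };

for (const m of [SAMPLE_BROAD, SAMPLE_SCOPED])
  console.log(m.name, JSON.stringify(auditManifest(m)));
```

A finding here means only that the extension is able to run script on a privileged domain, so it is a prompt for manual review of what the script does, not a verdict.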

With fake browser extensions repeatedly infiltrating official stores, not to mention some legitimate ones that lack transparency in their data collection practices, the findings highlight the need for caution before installing them.

“Browser extensions have a lot of power—for better or for worse,” Tal said. “Therefore, the policy enforcement agencies must strictly monitor them.”

“The current verification model is inadequate; we recommend backing it up with additional manpower and continuous analysis methods that monitor extension activity even after approval. Also, performing valid identity verification for developer accounts is critical, so simply using a free email and prepaid credit card is not enough to sign up.”
