Opera Software announced that on June 19th uncovered, halted and contained a targeted attack on its internal network infrastructure.
Opera said that its systems had been cleaned and that there was no evidence of any user data being compromised. Opera is working with the relevant authorities to investigate its source and any potential further extent.
The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware. This has allowed them to distribute malicious software which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser.
It is possible that some Windows users, who were using Opera between 01.00 and 01.36 UTC on June 19th, may automatically have received and installed the malicious software. To be on the safe side, Opera will roll out a new version of Opera which will use a new code signing certificate.
Opera urges users to update to the latest version of Opera as soon as it is available, keep all computer software up to date, and to use an anti-virus product on their computer.