Opera GX Vulnerability Allowed Auto-Install of Data-Stealing Mods
Researchers discovered a critical vulnerability in Opera GX, the gaming-focused web browser developed by Opera, that enabled malicious websites to automatically install browser add-ons. These add-ons could then be used to extract specific data from pages visited by users without any interaction, such as a click. In a demonstration of the exploit, security researchers were able to reconstruct a user's full Gmail address from a single visit to a compromised website, highlighting the severity of the data exposure risk.
The vulnerability specifically targeted the browser's ability to handle extensions and modifications. Attackers could leverage this by creating a malicious website that, upon a user's visit, would trigger the silent installation of a specially crafted add-on. Once installed, this add-on had the capability to access and transmit sensitive information from the user's browsing session. The proof-of-concept attack successfully demonstrated the extraction of personally identifiable information, such as a complete Gmail address, from a logged-in user's account.
Following the disclosure of the vulnerability, Opera has released a patch to address the security flaw in the Opera GX browser. The company stated that it has investigated the matter and has found no evidence to suggest that the vulnerability was exploited in the wild prior to its discovery and patching. Users of Opera GX are advised to ensure their browser is updated to the latest version to be protected against this threat. The incident underscores the ongoing security challenges associated with browser extensions and the importance of rigorous security auditing for all software components.
Original source — read the full reporting at the publisher:
Read on The Hacker News