In an update rolling out today, Opera will now automatically block potentially malicious commands copied from websites to the clipboard. Here are the details.
Opera launches Paste Protect against ClickFix attacks
Today, Opera is rolling out Paste Protect, a feature intended to mitigate so-called ClickFix attacks, a method that cybersecurity firm Huntress says now accounts for over 53% of this kind of malicious activity.
Here’s how ClickFix attacks work, per Opera’s explanation:
A ClickFix-style attack usually starts with something small and ordinary: a video that won’t play, or a CAPTCHA that won’t quite verify you’re human. A pop-up offers a fix, telling you to copy a short command and paste it into your computer’s terminal. It looks like routine troubleshooting. In reality, that command can install malware, steal saved passwords, or hand an attacker remote access to your machine, all carried out by the user’s own hands, on their own device.
To mitigate these attacks, the Opera browser will now monitor clipboard activity for suspicious commands, block them from being copied, and display a warning explaining what happened, along with a red icon in the address bar.
The company adds that “users can see the first 120 characters of the blocked content,” and that “developers working with trusted sources can override the block or mark specific sites as safe.”
Paste Protect is activated by default, and is part of Opera’s Hijack Protection, which “stops external applications from swapping clipboard contents for something harmful without the user noticing, such as a bank account number or a crypto wallet address,” according to the company.
To learn more about Opera’s new Paste Protect feature and ClickFix attacks, check out the Opera Blog.
Worth checking out on Amazon