Opera’s new Paste Protect feature blocks suspicious commands copied from websites


In an update rolling out today, Opera will now automatically block potentially malicious commands copied from websites to the clipboard. Here are the details.

Opera launches Paste Protect against ClickFix attacks

Today, Opera is implementing Paste Protect, a feature intended to mitigate so-called ClickFix attacks, a method that the cybersecurity company Huntress It says it now accounts for more than 53% of this type of malicious activity.

Here’s how ClickFix attacks work, as explained by Opera:

A ClickFix-style attack usually starts with something small and common: a video that doesn’t play or a CAPTCHA that doesn’t verify that you’re human. A pop-up window offers a solution and tells you to copy a short command and paste it into your computer’s terminal. It seems like routine troubleshooting. In reality, that command can install malware, steal saved passwords, or give an attacker remote access to your machine, all done by the user’s own hands, on their own device.

To mitigate these attacks, the Opera browser will now monitor clipboard activity for suspicious commands, block copying them, and display a warning explaining what happened, along with a red icon in the address bar.

The company adds that “users can see the first 120 characters of blocked content” and that “developers working with trusted sources can override the block or mark specific sites as safe.”

Paste Protect is enabled by default and is part of Opera’s hijacking protection, which “prevents external applications from exchanging the contents of the clipboard for something harmful without the user realizing it, such as a bank account number or crypto wallet address,” according to the company.

For more information about Opera’s new Paste Protect feature and ClickFix attacks, see the opera blog.

Worth checking out on Amazon

FTC: We use automatic affiliate links that generate income. Further.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *