Opera Just Rolled Out a Way to Block ClickFix Attacks in Its Browser

· Lifehacker

Earlier this year, security firm Huntress discovered a malicious browser extension that initiates ClickFix attacks, a sophisticated attack designed to take over your computer. In a ClickFix scheme, bad actors get you to install their browser extension, then display a fake error prompt in your browser. This pop-up offers a fix that often requires you to copy a malicious command and run it in the command prompt on your device. Since then, the onus has been on the user to avoid downloading suspicious extensions, but now Opera is adding ClickFix protections directly into its browser.

How "Paste Protect" fights against ClickFix attacks

The feature, called Paste Protect, is designed to stop code injection attacks such as ClickFix. When Paste Protect believes you are the target of a ClickFix attack, it displays a pop-up, warning you not to copy malicious commands, and offers a button to close the tab to sidestep the attack. You do have the option to click "Show content" to view the first 120 characters of the command, in case you want to review what Paste Protect flagged as malicious.

Visit afsport.lat for more information.

Paste Protect allows you to bypass the block if you wish, with a red button labeled "Hold to copy (unsafe)." To copy the command, you'll have to hold this button for over five seconds. You'll also have the option to always allow copying code from a site you trust, which is helpful in case the feature accidentally blocks code from a legitimate site. The warning may be enough for most casual users to realize that something's off, similar to how Apple and Microsoft protect you from installing untrustworthy apps on your computer. You'll see a warning that blocks you from installing those apps, but there's an option to bypass it if you know what you're doing and are confident that it's a false positive.

ClickFix attacks are quite sophisticated: They may show a fake captcha verification that's designed to fail, and offer a "solution" in the form of malicious code that you can run on your device. Opera claims it uses platform-specific detection techniques for Linux, macOS, and Windows to identify patterns associated with malicious scripts, and blocks them via Paste Protect.

Paste Protect isn't the first Opera feature of its kind

This isn't Opera's first security feature aimed at protecting users from malicious activity. The browser has offered a "Hijack Protection" feature for a few years, which prevents sites from replacing the contents of your clipboard without your permission. This means that if you copy a URL, Opera will stop sites from changing the copied link to a malicious URL. Paste Protect adds an extra layer of security to the browser.

While added security features are more than welcome, vigilance is always the best defense against online scams. Don't install extensions or apps from developers you don't know or trust; never click suspicious links, whether you find the on the web or someone shares them via text or email; and never copy code from the internet and paste it in your device's command prompt without being 100% sure of what you're doing.

Read full story at source