Opera has introduced a new browser security feature called Paste Protect, designed to defend users against clipboard-based cyberattacks that rely on malicious code being copied to a device before it is executed.
The company said the feature is enabled by default and is intended to detect and block ClickFix-style attacks, which have become an increasingly common method for distributing malware.
Protection Against Clipboard Attacks
ClickFix attacks typically disguise themselves as legitimate verification prompts, such as CAPTCHA pages. After a user clicks a button claiming to verify they are human, malicious code is silently copied to the system clipboard.
Victims are then instructed to open a command window, paste the copied text and execute it, unknowingly running malware on their devices.
According to Opera, Paste Protect analyzes clipboard activity and detects malicious command sequences designed for Windows, macOS and Linux before they can be executed.
If suspicious content is identified, the browser blocks the copy action, displays a warning to the user and marks the affected website with a red security indicator in the address bar.
Additional User Controls
Opera said users can review the first portion of the blocked command to better understand the detected threat and can choose to mark a website as safe if the warning is determined to be a false positive.
The company said the feature is available through the browser's Privacy & Security settings, where it can be enabled or disabled.
Growing Focus on Browser Security
Clipboard-based attacks have become increasingly popular among cybercriminals because they rely on users unknowingly executing commands rather than exploiting software vulnerabilities directly.
Such attacks are often used to install information-stealing malware capable of collecting saved passwords, browser autofill data, authentication cookies and other sensitive information.
Opera said Paste Protect is intended to stop these attacks before malicious commands reach a user's clipboard, providing an additional layer of protection against evolving social engineering techniques. The feature is being rolled out to Opera users globally through a browser update.
Tidak ada komentar: