Certain AI Security Flaw Allowed Websites to Secretly Steal Information From Users

A security flaw in the Opera GX browser could have allowed malicious websites to secretly collect information from users without requiring them to click anything or approve a download. The issue affected a feature designed to let users customize the browser, but attackers found a way to abuse that feature and turn it into a tool for stealing information. Opera has since fixed the problem, and there is no evidence that the flaw was used in real-world attacks.

Opera GX is a browser popular among gamers that includes customization features called GX Mods. These mods allow users to change the browser’s appearance, sounds, themes, and the way websites look while browsing. The feature was intended to improve personalization, but a weakness in the way these modifications were installed created a security risk.

The problem was that a website could potentially trigger the installation of a browser modification without the user actively choosing to install it. Normally, when a browser extension or add-on is added, users expect to see a warning or approval request. In this case, a malicious website could silently add a modified browser component in the background.

Once installed, the malicious modification could affect every website the victim visited. Attackers could use this access to gather certain information displayed on web pages, including information from accounts that were already signed in. In a demonstration of the issue, attackers were able to recover a user’s Gmail address after the browser visited a specially prepared page.

The attack was possible because the browser modification system was able to change how websites were displayed across the browser. While these changes were originally created for cosmetic purposes, such as changing colors or layouts, attackers discovered that the same ability could be used to monitor information appearing on websites.

Unlike many cyberattacks that require a victim to download a file, enter a password, or click a suspicious link, this issue could work with little or no interaction from the user. Simply visiting a malicious website could have been enough to trigger the attack.

The flaw has been patched in newer versions of Opera GX. Users should make sure their browser is updated to the latest version to receive the security fix. Keeping browsers, operating systems, and other software updated remains one of the easiest ways to reduce the risk of being affected by newly discovered security issues.

This incident is a reminder that even features designed for convenience and customization can introduce unexpected security risks. As browsers continue to add more features and personalization options, attackers will continue looking for ways to misuse those tools. Regular updates and cautious browsing habits remain important steps in protecting personal information online.