6 de julio de 2026

Opera Adds Paste Protect Feature to Block ClickFix Clipboard Attacks in Latest Release

Opera has added Paste Protect, a security feature designed to prevent ClickFix-style attacks where users are tricked into copying and executing malicious commands, according to Opera's official security blog.

The feature is turned on by default in the latest Opera update and can be accessed through Settings, Privacy and Security, Paste Protect. Opera states that the system is available for Windows, macOS, and Linux.

Paste Protect works by scanning copied content for patterns that are commonly linked to malicious scripts and commands before the data reaches the clipboard.

How Opera Paste Protect Blocks ClickFix Attacks

ClickFix is a common social engineering technique. Victims see what looks like a verification step or troubleshooting instructions, then are guided to copy a piece of code or command to the clipboard and paste it into the operating system's command-line interface.

The commands run with the user's privileges, which can bypass security measures. Often, this results in the installation of information-stealing malware.

The method has become widespread enough that Apple recently added a warning to macOS Terminal to detect risky pastes and alert users before execution.

Opera's method prevents harmful commands from being copied to the browser clipboard. Paste Protect combines two features: hijack protection, introduced in 2021, which detects attempts by external applications to replace copied content like URLs or bank account numbers with malicious versions, and injection protection, a new feature that blocks potentially dangerous commands before they reach the clipboard, whether initiated by a user or a website.

Opera explains that Paste Protect uses platform-specific rules to scan copied content for patterns linked to malicious scripts. If suspicious content is found, Paste Protect blocks the copy action, shows a warning popup, and displays a red security indicator in the address bar.

Opera states that if a potential threat is detected, the copy operation is automatically prevented. Users will see a popup explaining the situation, along with a red warning icon in the address bar.

How Users Can Review And Manage Blocked Content

Users can view the first 120 characters of blocked content in the warning popup. After a five-second timeout, the popup provides an option to approve the copy action if the user believes the content is legitimate. This timeout is intended to prevent users from quickly bypassing the warning without reviewing what was blocked.

For users who frequently copy commands from trusted sources like GitHub, Opera offers the option to create an allow list. By selecting "Always allow from this site" in the popup, the current site is added to the allow list. Future copy actions from that site will then bypass the Paste Protect check.

Opera explains: "If you are confident in your actions, such as a developer who regularly copies scripts or commands from trusted sources like GitHub, you can set certain websites as trusted. By choosing 'Always allow from this site' in the popup, you enable copying from these sites without restrictions."

Paste Protect is enabled by default in the latest version of Opera. Users can review or change this setting through the browser settings.

To do so, open Opera, click the Opera menu and select Settings, or press Alt+P. Then navigate to Privacy and Security, and select Paste Protect. From there, users can adjust the settings, including the list of trusted sites.

For those seeking extra protection against ClickFix-style attacks on macOS, there is also a newly added warning in the Terminal. This feature offers a similar safeguard at the operating system level.

What Users Should Know About Clipboard Safety

Even with Paste Protect enabled, Opera still recommends that users avoid running commands they find online unless they fully understand what they do.

For better clipboard safety, it is advised to treat unexpected "fix" or "verification" instructions with suspicion, especially when they involve pasting content into the Terminal, Command Prompt, PowerShell, or the Run dialog.

Users should verify commands against trusted sources before executing them. It is also helpful to use script execution environments that show the exact content before running it. When dealing with scripts from platforms like GitHub, it is safer to review their origin rather than trusting third-party links.

Paste Protect reduces the chance of copying malicious content accidentally, but it does not eliminate the need for user judgment when reviewing scripts and commands.

Paste Protect is now available in the latest version of Opera on Windows, macOS, and Linux. Users with older versions of Opera should update via the browser's built-in update feature to access this new feature.

Opera has not announced any plans to extend Paste Protect to Opera GX, Opera Mini, or other Opera browser variants.

The company has not disclosed the specific detection methods used by Paste Protect. Users can follow Opera's security blog for updates on the feature’s development and for information about additional protections against emerging clipboard attack techniques.

Thank you for being a Ghacks reader. The post Opera Adds Paste Protect Feature to Block ClickFix Clipboard Attacks in Latest Release appeared first on gHacks.



☞ El artículo completo original de Arthur Kay lo puedes ver aquí

No hay comentarios.:

Publicar un comentario