Opera Users Exposed to BlackHole through Browser Homepage

[madyrocksin]

For at least the last few hours, Opera users have been exposed to e-threats coming from the notorious BlackHole exploit pack.

Earlier today, the Bitdefender automated scan systems alerted us to the fact that a malicious obfuscated script loaded by hxxp://portal.opera.com address redirects users towards a malicious page hosting the notorious BlackHole exploit. Most likely, the script has been loaded through third-party advertisement, a practice commonly known as malvertising.

The hidden and obfuscated piece of code in the Opera Portal homepage inserts an IFrame that loads malicious content from an external source. If the Opera user hasn’t changed their default homepage, active malicious content is loaded from a third-party website (g[removed]750.com/in.cgi) whenever they open their browser.
[attachment=2705]

Source

 

[KLMALWAREHUNTER]

Interesting notice. Its not first time that a legit webpage redirect to an exploit. I think that before post the ads must check that dont contain Iframe or redirections to a dangerous sites..