Opera Mini is the top mobile browser in Russian Federation, and it seems that a website in Russian, which looks similar to Opera Software’s website, is serving malware to the users. As reported by Trendlabs blog, that website prompted users to update Opera Mini installed on their mobile devices and served a fake and malicious OperaMini.jar file to the users on upgrade. Although, Trendlabs blog has not disclosed the URL of that website.
This malicious file is actually a trojan, J2ME_FAKEBROWS.A, which disguises itself as Opera Mini. After installing on users’ mobile devices, it sends SMS to certain premium numbers. It bears the file icons of certain applications to avoid easy detection and consequent removal.
Opera Software has now alerted users to avoid such upgrade notification. Affected users should uninstalled Opera Mini immediately, and do a fresh installation from any reliable app store or Opera’s official website (m.opera.com).