Opera is rolling out a new feature that detects and blocks malicious clipboard content

Follow ZDNET: Add us as a favorite resource on Google.
Highlights taken by ZDNET
- Opera has released a new security feature.
- Paste Protect can help prevent ClickFix attacks.
- The feature is free and enabled by default.
If a website tells you to “copy this command to fix a problem,” you may not know it, but the command in question may be dangerous. This is called a ClickFix attack, as my ZDNET colleague Charlie Osborne explains.
This social engineering approach can be adapted to suit different access situations, but in general, ClickFix aims to take advantage of solving people’s problems. Fake error messages, for example, can ask users to fix a minor technical problem by copying and pasting code or running commands on their system.
Also: This new cyberattack tricks you into hacking yourself. Here’s how to see it
To solve that problem, Opera developers created Paste Protect, which detects and blocks malicious clipboard content before you paste it into a terminal or command. According to Opera, “ClickFix attacks often start with something small and common…a video that won’t play, or a CAPTCHA that won’t verify your identity. Next, the page offers a fix for the problem in the form of a short command that must be pasted into the computer’s terminal. Once that command is executed, the computer becomes vulnerable.”
According to Opera, more than half of cyber-loading malware attacks in 2025 were of the ClickFix type. In fact, CAPTCHA fraud attacks have increased by 563 percent in the last year.
Why ClickFix attacks so many defenses
The ClickFix attack bypasses almost all existing protections, including antivirus and email filters. Reason: Those programs are designed to check for threats from external sources, not commands typed or pasted by the user.
“The ClickFix attack is successful because it turns the user into a weapon,” said Pawel Kurzelewski, head of security at Opera. “The clipboard is the last point before a malicious command is issued, so that’s where we built our defenses. With Paste Protect, we stop these attacks at the exact moment they would be successful.”
You may remember that in 2021, Opera released a feature of the same name. I reached out to Varsha Chowdhury (who does PR for Opera), and she had this to say:
The previous Paste Protection feature prevented third-party apps from hijacking something you’ve already copied and silently inserting something harmful, like a malicious URL, bank account number, or crypto wallet address.
Paste Protect builds on that existing protection by adding a new Injection Protection layer. This detects and blocks malicious commands copied from a website—or placed on your clipboard—before they are pasted into Terminal or Command Prompt. That’s a new capability designed to protect against ClickFix-style attacks.
So, in short:
- Paste Protection = protects the clipboard from being hijacked by external applications.
- Paste Protect = includes the existing Paste Protection and the new Injection Protection, which gives users protection against both clipboard hijacking and ClickFix-style injection attacks.
A new Opera feature monitors clipboard activity in real time for malicious commands copied by a user or inserted into the clipboard by a website. The detection mechanism used by Opera is designed for Linux, macOS, and Windows to detect specific patterns associated with known malicious scripts. If one is found, a warning appears, explaining to the user what happened, and a red icon in the address bar. Users will only be able to see the first 120 characters of blocked content.
Also: Fake CAPTCHA attacks up 563% last year: How to spot them before it’s too late
With this new feature, Opera is working against one of the fastest growing threats to users. Although extensions can help prevent such attacks, Opera is the first browser with a built-in function. This integrated clipboard security system is activated automatically and allows users to approve trusted websites.
Even with Paste Protect on and running, you should always be wary of copying and pasting commands into your computer’s terminal — unless you clearly trust the source.



