Opera Press:
OSLO, Norway, 2 July 2026: Opera (NASDAQ: OPRA), a leading global browser and AI agent company, has launched Paste Protect, an all-around clipboard protection solution to head off clipboard-based attacks such as hijacking and pastejacking.
With Paste Protect, Opera becomes the first major browser to include a native protection and warning system against ClickFix-based cyberattacks, which accounted for over half of malware-loading cyber attacks in 2025. The feature is built directly into Opera’s desktop browsers and switched on by default, so users are protected automatically with no setup required.
A ClickFix-style attack usually starts with something small and ordinary: a video that won’t play, or a CAPTCHA that won’t quite verify you’re human. A pop-up offers a fix, telling you to copy a short command and paste it into your computer’s terminal. It looks like routine troubleshooting. In reality, that command can install malware, steal saved passwords, or hand an attacker remote access to your machine, all carried out by the user’s own hands, on their own device.
What makes ClickFix so effective is that it sidesteps most existing defences entirely. Antivirus software and email filters are built to catch threats arriving from outside, not commands a user types or pastes in themselves. According to cybersecurity firm Huntress, ClickFix now accounts for over 53% of this kind of malicious activity.
“ClickFix attacks succeed because they turn the user into the weapon,” said Pawel Kurzelewski, Head of Security at Opera. “The clipboard is the last point before a malicious command is run, so that’s where we built our defense. With Paste Protect, we’re stopping these attacks at the exact moment they would normally succeed.”
“Opera had already been protecting users from paste hijacking for half a decade – it made sense to expand that protection to address one of the most increasingly serious online threats,” said Mohamed Salah, Senior Director of Product at Opera. “Paste Protect gives your browser a robust early warning system that can alert less experienced users while still enabling more control for more tech-savvy users or developers.”
Paste Protect encompasses Opera’s already existing Hijack protection feature with a unique Injection protection element. Hijack protection stops external applications swapping out clipboard contents for something harmful without the user noticing, e.g. a bank account number or a crypto wallet address.
The new and unique Injection protection monitors clipboard activity in real time for potentially malicious commands that are copied by the user or placed there by a website. It uses detection techniques tailored to Windows, macOS, and Linux to spot patterns associated with malicious scripts.
If a threat is detected, the copy action is blocked immediately, a warning pops up and explains what happened, and a red icon appears in the address bar. Users can see the first 120 characters of the blocked content, and developers working with trusted sources can override the block or mark specific sites as safe.
Paste Protect gives Opera users one of the most complete clipboard defences of any major browser, guarding against threats that come from outside the browser and from malicious websites alike.
If you’re unfamiliar with the terminology around cyberattacks like ClickFix, like what exactly is a clipboard or terminal, check out Opera’s latest blog for a clear explanation.
Source:
Opera launches Paste Protect, the first native defense against clipboard-based attacks in a browser
Opera is the first major browser to natively protect you from clipboard attacks – Introducing Paste Protect.




