Clipsa – Multipurpose password stealer – Avast Threat Labs

Clipsa – Multipurpose password stealer – Avast Threat Labs

High level overview Clipsa is a multipurpose password stealer, written in Visual Basic, focusing on stealing cryptocurrencies, brute-forcing and stealing administrator credentials from unsecured WordPress websites, replacing crypto-addresses present in a clipboard, and mining cryptocurrencies on infected machines. Several versions of Clipsa also deploy an XMRig coinminer to make even more money from infected computers. …

FULL ARTICLE: Clipsa – Multipurpose password stealer – Avast Threat Labs

News Insights:

Deepak Patel, security evangelist at PerimeterX, commented:

“WordPress is used by many marketing and digital teams as a content management system supporting company websites.  This means brand reputation is at risk when a vulnerability like this is found and exploited. In this case, threat actors use a WordPress site to serve content to the site’s visitors by injecting a malicious script that is served as first party content.  Such zero day attacks require a solution that analyzes any new code executing on the client-side in real-time. This is a classic example of the need for marketers and digital leaders to partner closely with the security team to protect their brand website and the company’s reputation.”