Clipsa – Multipurpose password stealer – Avast Threat Labs
Clipsa – Multipurpose password stealer – Avast Threat Labs
High level overview Clipsa is a multipurpose password stealer, written in Visual Basic, focusing on stealing cryptocurrencies, brute-forcing and stealing administrator credentials from unsecured WordPress websites, replacing crypto-addresses present in a clipboard, and mining cryptocurrencies on infected machines. Several versions of Clipsa also deploy an XMRig coinminer to make even more money from infected computers. …
FULL ARTICLE: Clipsa – Multipurpose password stealer – Avast Threat Labs
News Insights:
Deepak Patel, security evangelist at PerimeterX, commented:
“WordPress is used by many marketing and digital teams as a content management system supporting company websites. This means brand reputation is at risk when a vulnerability like this is found and exploited. In this case, threat actors use a WordPress site to serve content to the site’s visitors by injecting a malicious script that is served as first party content. Such zero day attacks require a solution that analyzes any new code executing on the client-side in real-time. This is a classic example of the need for marketers and digital leaders to partner closely with the security team to protect their brand website and the company’s reputation.”
Hugh Taylor
Hugh Taylor is a Certified Information Security Manager (CISM). In addition to editing Journal of Cyber Policy, he writes about cybersecurity, compliance and enterprise technology for such clients as Microsoft, IBM, SAP, HPE, Oracle, Google and Advanced Micro Devices. Prior to launching his freelance writing career, he served in executive roles at Microsoft, IBM and several venture-backed technology startups.