Clipsa – Multipurpose password stealer – Avast Threat Labs
Clipsa – Multipurpose password stealer – Avast Threat Labs
High level overview Clipsa is a multipurpose password stealer, written in Visual Basic, focusing on stealing cryptocurrencies, brute-forcing and stealing administrator credentials from unsecured WordPress websites, replacing crypto-addresses present in a clipboard, and mining cryptocurrencies on infected machines. Several versions of Clipsa also deploy an XMRig coinminer to make even more money from infected computers. …
FULL ARTICLE: Clipsa – Multipurpose password stealer – Avast Threat Labs
News Insights:
Deepak Patel, security evangelist at PerimeterX, commented:
“WordPress is used by many marketing and digital teams as a content management system supporting company websites. This means brand reputation is at risk when a vulnerability like this is found and exploited. In this case, threat actors use a WordPress site to serve content to the site’s visitors by injecting a malicious script that is served as first party content. Such zero day attacks require a solution that analyzes any new code executing on the client-side in real-time. This is a classic example of the need for marketers and digital leaders to partner closely with the security team to protect their brand website and the company’s reputation.”