43,000 Clipsa Malware Attacks on PCs in India -Avast

PC security maker Avast on Wednesday said it has detected and blocked over 43,000 attacks of Clipsa malware which steals passwords and mines cryptocurrencies that slows down computers.

Clipsa disguises itself as software for installing media players and infects computers when it is downloaded.

"Clipsa is an unusual password stealer. In that it supports a wide range of functionalities. Instead of just focusing on passwords and cryptowallets present on the victim's computer, Clipsa also makes PCs do cybercriminals' dirty work, like searching for vulnerable WordPress websites on the internet and brute-forcing their credentials," said Jan Rubin, malware researcher at Avast.

The campaign is most prevalent in India, where Avast has blocked more than 43,000 Clipsa infection attempts, protecting more than 28,000 users in the country from the malware, the statement said.

If a device is infected with Clipsa, users may notice PC performing slower than usual, due to malicious cryptocurrency mining being executed by the malware in the background. PTI PRS

Against Global Average of 40%, Only 8.7% South Asia Homes have IoT or 'Connected' Devices

Just 8.7% of homes in South Asia have Internet of Things (IoT) or 'connected"' devices such as Internet-enabled TVs or surveillance camera against a global average of 40%, says a research by Avast, a digital security products company, in collaboration with Stanford University.

In key findings of the report, media devices like smart TVs are most common in seven of 11 global regions but there is significant variance otherwise.

For example, surveillance cameras are most popular in South and Southeast Asia, while work appliances prevail in East Asia and Sub-Saharan Africa.

For the study, Avast scanned 83 million IoT devices in 16 million homes worldwide to understand the distribution and security profile of IoT devices by type and manufacturer.

It revealed that even with over 14,000 IoT manufacturers worldwide, 94%t of all IoT devices are manufactured by just 100 vendors. While there is a very long tail of over 14,000 global IoT vendors, market dominance is limited to only a few, the research found.

The research also revealed that more than 7% of all IoT devices worldwide still use obsolete protocols like FTP and Telnet, making them especially vulnerable. Telnet, which exist since 1969, does not encrypt communications and is an easy target for attackers to sniff into for user IDs and passwords.

Yet, the research shows that surveillance devices and routers consistently support Telnet protocol. Surveillance devices have the weakest Telnet profile, along with routers and printers. This aligns with historical evidence such as the role of Telnet in the Mirai botnet attacks that suggests these kinds of devices are both numerous and easy to compromise.

The Mirrai attacks in 2016-17 were largely successful because of the over-reliance of IOT devices using Telnet for remote-admin.

North America has 66% households that have at least one IoT device. Home assistants are present in 10% of homes in North America but are yet to see significant adoption in other markets.

While nearly half of North American homes have an Internet-connected TV or streaming device, less than three per cent do in South Asia, the findings showed.

Source - Outlook, Livemint