Malware, Data Security

Stealthier Jupyter infostealer discovered

Attacks leveraging a new version of the Jupyter information-stealing malware, also known as Yellow Cockatoo, SolarMarker, and Polazert, with increased stealth capabilities have emerged, according to The Hacker News. Aside from facilitating credential harvesting, data exfiltration, and arbitrary command execution, the updated Jupyter information stealer has also been signed with numerous certificates to better establish legitimacy prior to triggering the infection chain, a report from VMware Carbon Black showed. "The team has discovered new waves of Jupyter Infostealer attacks which leverage PowerShell command modifications and signatures of private keys in attempts to pass off the malware as a legitimately signed file," said researchers. Such an update to the Jupyter infostealer comes after the Lumma Stealer was previously reported by VMware Carbon Black researchers to have been bolstered with a loader and random build generation capability. "This takes the malware from being a stealer type to a more devious malware that can load second-stage attacks on its victims," researchers said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.