A new info stealer called Jupyter has been found that singles out the healthcare and education sectors, and against which high-end security firewalls cannot do anything to save the information.
Hacker News reported, “The new supply chain discovered by Morphisec on September 8 underscores that the malware is not only still active, but also shows ‘how threat actors are evolving their attacks to become more efficient and evasive.’ The Israeli company said it is currently investigating the scale and scope of the attacks.”
Jupyter, also known as Solarmarker, was first reported in November 2020 and is known to target Chromium, Firefox, and Chrome browser data. Its additional capabilities give it full backdoor functionality and access to the data server, including the ability to upload information to the remote server and to download and execute further payloads.
The cybersecurity firm CrowdStrike described this malware earlier, in February, as packing a multi-stage, heavily obfuscated PowerShell loader, which in turn leads to the execution of a .NET compiled backdoor. According to Cisco Talos, it is a highly sophisticated malware that is largely focused on credential and residual information theft.
Jupyter is said to be very dangerous malware because it can manipulate the user’s devices, obtain sensitive data, and use that data to the attackers’ advantage.