New Jupyter backdoor malware steals Chrome, Firefox data


Researchers believe that the new Jupyter infostealer is being operated by Russian-speaking hackers.


Malicious hackers use several types of trojans, one of which is the infostealer. Infostealers are built to steal data from systems and send it to the operators' servers, without longer-term objectives such as remaining hidden within the system.


Researchers from Morphisec recently discovered a new infostealer written in .NET, called Jupyter, which targets notable web browsers such as Mozilla Firefox and Google Chrome, in addition to the Chromium code itself.


According to researchers,



This is the first version seen in the wild of the infostealer stealing information (autocomplete, cookies, and passwords) only from Chrome browsers.

This version added Firefox information stealing (cookies, logins, certificates, and form history). This version uses the same technique of copying the stolen information before accessing it to evade detection.



The researchers stumbled across it while helping one of their customers in the US. The malware's features include the ability to download and run malware as well as PowerShell scripts and commands, and to inject shellcode into different applications that relate to Windows Configuration.




The downloaded file that is run appears to be a ZIP file containing an installer that presents itself as another legitimate piece of software when in actuality it is not. The alarming thing here is that this file, according to the researchers ..
