November 27, 2020
New Jupyter Malware Steals Browser Data and Opens Backdoors

This New Malware Variant can Steal Browser Data and Open Backdoors on Infected Systems

A group of threat actors are spreading new malware to steal sensitive information from their victims, using real-looking but fake software…

A ring of Russian-speaking hackers have been deploying a new malware variant named Jupyter. Thus far, the group has enjoyed much success by keeping a low profile and benefiting from a fast development cycle. At its core, the malicious code is designed to collect data from various types of software. But, it can also be used to create backdoors within infected systems.

New Jupyter Malware Steals Browser Data and Opens Backdoors

The malware is thought to have first emerged during an incident response engagement in October at a university in the United States. However, forensic data does indicate earlier versions have been around since May. Researchers at cybersecurity company Morphisec discovered the cybercriminals were highly active, with some components receiving over nine updates in a single month.

The most recent version was probably created earlier in the month, but it doesn’t include any significant changes. Although, the constant code modification allows it to evade detection, which enabled Jupyter to collect more data from compromised systems. Jupyter is able to steal cookies, credentials, certificates, and autocomplete information from Chromium, Mozilla Firefox, and Google Chrome web browsers.

As usual, the hackers behind Jupyter, like many other threat actors, spread the malware by using phony software programs disguised to look just like legitimate ones.

Owen E. Richason IV

Covers social media, apps, search and like news. History buff, movie and theme park lover. Blessed dad and husband. Owen is also a musician and is the founder of Groove Modes.          

View all posts by Owen E. Richason IV →