Attacks using a new version of the Jupyter information-stealing malware, also known as Yellow Cockatoo, SolarMarker, and Polazert, have emerged with increased stealth capabilities, according to The Hacker News.
Aside from facilitating credential harvesting, data exfiltration, and arbitrary command execution, the updated Jupyter information stealer has also been signed with numerous certificates to better establish legitimacy prior to triggering the infection chain, a report from VMware Carbon Black showed.
"The team has discovered new waves of Jupyter Infostealer attacks which leverage PowerShell command modifications and signatures of private keys in attempts to pass off the malware as a legitimately signed file," said researchers.
The Jupyter update follows an earlier report from VMware Carbon Black researchers that the Lumma Stealer had been bolstered with a loader and random build generation capability.
"This takes the malware from being a stealer type to a more devious malware that can load second-stage attacks on its victims," researchers said.