A New Jupyter Malware Version is Being Distributed via MSI Installers

silversurfer

Thread author
Cybersecurity researchers have charted the evolution of Jupiter, a .NET infostealer known for singling out the healthcare and education sectors, which makes it exceptional at defeating most endpoint security scanning solutions.

The new delivery chain, spotted by Morphisec on September 8, underscores that the malware has not just continued to remain active but also showcases "how threat actors continue to develop their attacks to become more efficient and evasive." The Israeli company said it's currently investigating the scale and scope of the attacks.
Running the MSI payload leads to the execution of a PowerShell loader embedded within a legitimate binary of Nitro Pro 13, two variants of which have been observed signed with a valid certificate belonging to an actual business in Poland, suggesting possible certificate impersonation or theft. The loader, in the final stage, decodes and runs the in-memory Jupyter .NET module.

"The evolution of the Jupyter infostealer/backdoor from when we first identified it in 2020 proves the truth of the statement that threat actors are always innovating," Morphisec researcher Nadav Lorber said. "That this attack continues to have low or no detections on VirusTotal further indicates the facility with which threat actors evade detection-based solutions."
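The detection-relevant detail above is a carrier binary whose Authenticode signature is technically valid but comes from an unrelated company. The following PowerShell is an added defender-side example, not code from the article or from Morphisec; it sweeps installers and executables and flags files whose signature is valid but whose signer does not match the publisher expected for that product. The file-name-to-publisher map and the signer subject pattern are placeholders to be replaced with values verified against your own software inventory.

```powershell
# Added example: flag files with a VALID Authenticode signature from an unexpected signer,
# the "legitimate binary signed by the wrong business" pattern described in the article.
# Assumption: $ExpectedSigner is an illustrative placeholder map, not a verified list.
$ExpectedSigner = @{
    'nitro' = 'CN=Nitro Software*'   # placeholder subject pattern; verify before use
}

function Test-SignerMismatch {
    param([Parameter(Mandatory)][string]$Path)

    $sig = Get-AuthenticodeSignature -FilePath $Path   # works for .exe, .dll and .msi
    $result = [pscustomobject]@{
        Path    = $Path
        Status  = $sig.Status
        Signer  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }
        Verdict = 'ok'
    }

    # Unsigned or broken signatures are reported, but they are not the pattern of interest here.
    if ($sig.Status -ne 'Valid') {
        $result.Verdict = "signature status: $($sig.Status)"
        return $result
    }

    # Match the file name against the products we know the expected publisher for.
    $name = [IO.Path]::GetFileName($Path)
    $key  = $ExpectedSigner.Keys | Where-Object { $name -like "*$_*" } | Select-Object -First 1

    if ($key -and $result.Signer -notlike $ExpectedSigner[$key]) {
        # Valid chain, wrong organisation: possible certificate impersonation or theft.
        $result.Verdict = "valid signature from unexpected signer (expected $($ExpectedSigner[$key]))"
    }
    return $result
}

# Usage: review recently downloaded installers and carrier binaries.
Get-ChildItem "$env:USERPROFILE\Downloads" -Include *.msi, *.exe -Recurse -File |
    ForEach-Object { Test-SignerMismatch -Path $_.FullName } |
    Where-Object { $_.Verdict -ne 'ok' } |
    Format-Table -AutoSize
```

Files for products not in the map are left unjudged; a signature check like this complements, rather than replaces, the hash-based detections the quote notes are currently failing.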
 
