Jupyter Malware: What You Should Know…


October 5, 2021

There’s a .NET info-stealer making the rounds. It’s called Jupyter, and it’s very good at avoiding end-point protection software.
Originally discovered in November of 2020, Jupyter (originally called Solarmaker) is designed to steal browsing data and login credentials from Google Chrome, Chromium, and Mozilla Firefox.
Jupyter has fairly robust back door capabilities to help it do its dirty work.

It specifically uses a PDF application called Nitro Pro to hide its installer payload and avoid anti-malware software. The process is further hidden behind a third-party packaging wizard called Advanced Installer.

By using the legitimate binary of Nitro Pro 13, and in two legitimately signed certificates (apparently stolen from a company in Poland) Jupyter installs its nefarious .NET module.

You can read more about Jupyter over at Morphisec’s blog (https://blog.morphisec.com/new-jupyter-evasive-delivery-through-msi-installer). It’s pretty interesting and includes a lot more technical information.

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Don’t forget to follow us on LinkedIn and Twitter

Carl Keyser is the Content Manager at Integris.

Keep reading

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...

7 Signs Your Denver Business Needs a Tech Update

Regardless of size or industry, technology is an essential part of every Denver business. That being said, technological improvements and advancements can develop quite quickly, leaving some businesses scrambling to keep up. While many businesses cite expenses in the...

Cybersecurity best practices for Boston Businesses

Securing your businesses sensitive data, networks, and devices is non-negotiable in the technologically-driven world we live in. Whether you are a small business or or corporation in Boston, it is imperative that you prioritize cybersecurity. It is no longer enough to...