Researchers from cybersecurity company Morphisec have recently discovered a new strain of malware they believe has been in the wild of the internet since at least May of this year (2020).
Dubbed Jupyter, this strain is classed as an Info Stealer. It focuses on getting into user names, passwords and other private systems and exfiltrating that data to a server the hackers control.
As malware goes, this strain certainly isn’t the worst or most destructive we’ve ever seen. However, armed with a sufficient number of your passwords, the hackers can wreak untold havoc on your life, so it’s definitely a threat that should be taken seriously.
Of interest, Jupyter seems to preferentially target Chromium Firefox and Google Chrome Browsers, so if you’re not using either of those, your risk of running afoul of this strain is relatively low. Unfortunately, Chrome is far and away the most popular browser on the web today, which means the vast majority of netizens are at risk.
The malware is most commonly presented as a zip file and utilizes Microsoft Word Icons inside the zip, with the file names sending out the unmistakable message that they should be urgently opened.
Naturally, if an unsuspecting victim heads down this path, the malware is installed behind the scenes, and promptly begins rooting through the now compromised system looking for user names, passwords, browsing history, cookies and the like. Once it’s found everything of interest, these are bundled and sent off to a command and control server where they’re combined with other data from other compromised systems so they can be ported to the Dark Web for sale.
Based on an early analysis of the code, the research team believes this new strain to be of Russian origin, but to this point, they have not traced it back to a specific threat actor. In any case, be aware that it’s out there and stay vigilant.