A new malware has been discovered that can attack companies and schools to steal private information and login credentials. This new trojan is called Jupyter and was analyzed by the cybersecurity company Morphisec. Jupyter was first found in a US educational institution in May 2020. The attack carried out by this malware targets the browsing data of Chromium-based browsers.
The installation of this trojan takes place via a .zip file, using totally normal icons and names. When the program is run, Jupyter installs some legitimate tools to hide the installation of malicious components in temporary folders. Once Jupyter is run, it starts stealing passwords, usernames, history etc. Morphisec experts have shown that the author of this malware made Jupyter constantly change code, making it more difficult to detect.
Jupyter seems to have Russian origins: the command and control server should in fact be located in Russia.
