Jupyter is an infostealer that primarily targets Chromium, Firefox, and Chrome browser data. However, its attack chain, delivery, and loader demonstrate additional capabilities for full backdoor functionality. These include:
a C2 client
downloading and executing additional malware
executing PowerShell scripts and commands
hollowing shellcode into legitimate Windows configuration applications
Download the whitepaper to learn:
How Jupyter launches two PowerShell scripts.
The complete attack chain of the Jupyter infostealer.
About all the versions of Jupyter that Morphisec Labs has uncovered since May 2020.