Watch for a ZIP file with Word icons

Researchers from cybersecurity company Morphisec have recently discovered a new strain of malware that they believe has been in the wild since at least May of this year (2020).

Dubbed Jupyter, this strain is classed as an info stealer. It focuses on getting at user names, passwords, and other private information and exfiltrating that data to a server the hackers control.

Targeting Chrome

As malware goes, this strain certainly isn't the worst or most destructive we've ever seen. However, armed with a sufficient number of your passwords, the hackers can wreak untold havoc on your life, so it's definitely a threat that should be taken seriously.

Of interest, Jupyter seems to preferentially target Chromium, Firefox, and Google Chrome browsers, so if you're not using any of those, your risk of running afoul of this strain is relatively low. Unfortunately, Chrome is far and away the most popular browser on the web today, which means the vast majority of users are at risk.

Don't open attachments that say "URGENT OPEN THIS"

The malware is most commonly delivered as a ZIP file whose contents use Microsoft Word icons, with file names that send the unmistakable message that they should be opened urgently.

Naturally, if an unsuspecting victim heads down this path, the malware is installed behind the scenes, and promptly begins rooting through the now compromised system looking for user names, passwords, browsing history, cookies, and the like. Once it's found everything of interest, these are bundled and sent off to a command and control server where they're combined with other data from other compromised systems so they can be ported to the Dark Web for sale.
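A defender-side triage of a ZIP attachment like the one described above, as an added example that is not from the original post or from Morphisec. It assumes the lure entries are Windows executables dressed with a Word icon (the post does not say so explicitly); the extension sets, lure words and sample archive are constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs or interprets directly (a common subset, not exhaustive).
RUNNABLE_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".jse",
                ".vbs", ".vbe", ".wsf", ".hta", ".lnk", ".ps1", ".msi"}
# Extensions a user expects behind a document icon; used to spot "name.docx.exe".
DOC_EXT = {".doc", ".docx", ".rtf", ".pdf", ".xls", ".xlsx"}
# Constructed lure words (assumption); tune to your own mail flow.
LURE_WORDS = ("urgent", "open", "important", "invoice")


def triage_zip(data: bytes) -> list[dict]:
    """Return one finding per suspicious entry in a ZIP attachment."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = PurePosixPath(info.filename).name
            suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
            reasons = []
            if info.flag_bits & 0x1:  # bit 0 set: entry is password-protected
                reasons.append("encrypted, content not inspected")
            else:
                with zf.open(info) as fh:
                    if fh.read(2) == b"MZ":  # DOS/PE magic, whatever icon is shown
                        reasons.append("PE header (MZ)")
            if suffixes and suffixes[-1] in RUNNABLE_EXT:
                reasons.append("runnable extension " + suffixes[-1])
            if len(suffixes) >= 2 and suffixes[-2] in DOC_EXT and suffixes[-1] in RUNNABLE_EXT:
                reasons.append("double extension")
            if reasons and any(w in name.lower() for w in LURE_WORDS):
                reasons.append("lure wording in name")
            if reasons:
                findings.append({"entry": info.filename, "reasons": reasons})
    return findings


def sample_zip() -> bytes:
    """Constructed sample: one benign text file, one fake PE named like a document."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes.txt", "quarterly notes")
        zf.writestr("URGENT OPEN THIS.docx.exe", b"MZ" + b"\x00" * 62)
    return buf.getvalue()
```

The icon a file shows in Explorer comes from the file itself, so the check reads each entry's first bytes and extension and ignores how it is presented.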

Our perspective

Based on an early analysis of the code, the research team believes this new strain to be of Russian origin, but to this point, they have not traced it back to a specific threat actor. In any case, be aware that it's out there and stay vigilant.

~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there!" ~

 

By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support
