Jupyter

Jupyter (SolarMarker, Yellow Cockatoo, Polazert) is a .NET infostealer/backdoor family active since 2020. It reaches users through SEO poisoning, using fake productivity software as the lure. Its C2 config is encrypted with AES-256-CBC. It steals browser credentials and cookies.

Threat Profile
Type: Infostealer
Programming Language: .NET/C#
C2 Protocol: HTTPS/AES
First Seen: 2020
Targets: General users
Purpose / Capabilities
  • Browser Credential Theft
No C2 servers have been identified for this family yet.

Research Reports (1)

High

Jupyter/SolarMarker Infostealer: AES-Encrypted C2 Config, .NET, Fake Software SEO Lure | High

Jupyter/SolarMarker .NET infostealer. C2 config encrypted with AES-256-CBC and base64url-encoded. SEO poisoning lure.
