Jupyter
Jupyter (SolarMarker, Yellow Cockatoo, Polazert) is a .NET infostealer/backdoor family active since 2020. It targets users searching for productivity software, luring them to fake downloads through SEO poisoning. Its C2 config is encrypted with AES-256-CBC. It steals browser credentials and cookies.
Threat Profile
Type: Infostealer
Programming Language: .NET/C#
C2 Protocol: HTTPS/AES
First Seen: 2020
Targets
General users
Purpose / Capabilities
- Browser Credential Theft
No C2 servers have been identified for this family yet.
Research Reports (1)
Jupyter/SolarMarker Infostealer — AES-Encrypted C2 Config, .NET, Fake Software SEO Lure | High
Jupyter/SolarMarker .NET infostealer. C2 config encrypted with AES-256-CBC and base64url-encoded. SEO poisoning lure.