#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

SolarMarker | Breaking Cybersecurity News | The Hacker News

Category — SolarMarker
SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure

SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure

May 21, 2024 Data Breach / Malware
The persistent threat actors behind the  SolarMarker  information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show. "The core of SolarMarker's operations is its layered infrastructure, which consists of at least two clusters: a primary one for active operations and a secondary one likely used for testing new strategies or targeting specific regions or industries," the company  said  in a report published last week. "This separation enhances the malware's ability to adapt and respond to countermeasures, making it particularly difficult to eradicate." SolarMarker , known by the names Deimos, Jupyter Infostealer, Polazert, and Yellow Cockatoo, is a sophisticated threat that has  exhibited a continuous evolution  since its emergence in September 2020. It has the capability to steal data from several web browsers and cryptocurrency wallets, as well...
New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar

New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar

Apr 18, 2022
Cybersecurity researchers have disclosed an advanced version of the SolarMarker malware that packs in new improvements with the goal of updating its defense evasion abilities and staying under the radar. "The recent version demonstrated an evolution from Windows Portable Executables (EXE files) to working with Windows installer package files (MSI files)," Palo Alto Networks Unit 42 researchers  said  in a report published this month. "This campaign is still in development and going back to using executables files (EXE) as it did in its earlier versions." SolarMarker, also called Jupyter, leverages manipulated search engine optimization (SEO) tactics as its primary infection vector. It's known for its information stealing and backdoor features, enabling the attackers to steal data stored in web browsers and execute arbitrary commands retrieved from a remote server. In February 2022, the operators of SolarMarker were  observed  using stealthy Windows Registry...
The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

Jan 16, 2025Identity Protection / SaaS Security
You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks . (Source: Verizon). Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester).  Stolen credentials on criminal forums cost as little as $10 (Source: Verizon). Something doesn't add up. So, what's going on? In this article, we'll cover: What's contributing to the huge rise in account compromises linked to stolen creds and why existing approaches aren't working.  The world of murky intelligence on stolen credentials, and how to cut through the noise to find the true positives. Recommendations for security teams to stop attackers from using stolen creds to achieve account takeover. Stolen credential-based attacks are on the rise There's clear evidence that identity attacks are now the #1 cyber threat f...
Expert Insights / Articles Videos
Cybersecurity Resources