The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show.
“The core of SolarMarker’s operations is its layered infrastructure, which consists of at least two clusters: a primary one for active operations and a secondary one likely used for testing new strategies or targeting specific regions or industries,” the company said in a report published last week.
“This separation enhances the malware’s ability to adapt and respond to countermeasures, making it particularly difficult to eradicate.”
SolarMarker, also known as Deimos, Jupyter Infostealer, Polazert, and Yellow Cockatoo, is a sophisticated threat that has evolved continuously since it first emerged in September 2020. It can steal data from several web browsers and cryptocurrency wallets, as…