Stories
Slash Boxes
Comments

SoylentNews is people

This New Ransomware Targets Data Visualization Tool Jupyter Notebook

posted by Fnord666 on Friday April 01 2022, @09:31PM   Printer-friendly
News

upstart writes:

This new ransomware targets data visualization tool Jupyter Notebook:

A new strain of Python ransomware is targeting environments using Jupyter Notebook.

Jupyter Notebook is an open source web environment for data visualization. The modular software is used to model data in data science, computing, and machine learning. The project supports over 40 programming languages and is used by companies including Microsoft, IBM, and Google, alongside numerous universities.

Aqua Security's Team Nautilus recently discovered malware that has honed in on this popular data tool.

While Jupyter Notebook allows users to share their content with trusted contacts, access to the app is secured through account credentials or tokens. However, in the same way that businesses sometimes do not secure their AWS buckets, leaving them open for anyone to view, Notebook misconfigurations have also been found.

The Python ransomware targets those that have accidentally left their environments vulnerable.

[...] A Shodan search reveals several hundred internet-facing Jupyter Notebook environments are open and accessible (although some may also be honeypots.)

Original Submission

This discussion has been archived. No new comments can be posted.
This New Ransomware Targets Data Visualization Tool Jupyter Notebook | Log In/Create an Account | Top | 4 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)

  • (Score: 0) by Anonymous Coward on Saturday April 02 2022, @12:07AM (1 child)

    by Anonymous Coward on Saturday April 02 2022, @12:07AM (#1234244)

    It's insecure and I haven't heard of it, so it must be a millennial thing.

    • (Score: 0) by Anonymous Coward on Saturday April 02 2022, @04:32PM

      by Anonymous Coward on Saturday April 02 2022, @04:32PM (#1234369)

      Ok Boomer.

  • (Score: 3, Insightful) by darkfeline on Saturday April 02 2022, @12:23AM

    by darkfeline (1030) on Saturday April 02 2022, @12:23AM (#1234251) Homepage

    If you set up a shell capable service exposed to the Internet and unsecured, people will run unwanted commands on your service.

    Researchers use Jupyter and researchers also tend to lack practical experience shall we say. This situation was to be expected.

    Google actually has a hosted Jupyter service (Colab). Using that would prevent this kind of issue, although if you're doing top secret research you want to make sure you're using a enterprise Google account and not a consumer one since the data ownership policies are different (and if it's super top secret research you probably have an incompetent IT department to help you set up a managed Jupyter instance). That's yet another thing researchers tend to get wrong, using their personal accounts inappropriately. So I guess you're screwed either way.

    People are a problem.

    --
    Join the SDF Public Access UNIX System today!

  • (Score: 0) by Anonymous Coward on Saturday April 02 2022, @12:50AM

    by Anonymous Coward on Saturday April 02 2022, @12:50AM (#1234257)

    Or is that what they are doing wrong, not using a connection token?

(1)