SugarGh0st RAT Used to Target American Artificial Intelligence Experts
May 16, 2024, 10:31 a.m.
Tags
External References
Description
This intelligence report provides details about a SugarGh0st RAT campaign conducted by an unattributed threat actor, tracked as UNK_SweetSpecter, targeting organizations in the United States involved in artificial intelligence (AI) efforts across academia, private industry, and government. The campaign employed phishing emails with AI-themed lures to deliver the customized Gh0stRAT variant. The objective was likely to obtain non-public information about generative AI, coinciding with recent reports of U.S. efforts to limit Chinese access to such technologies.
Date
Published: May 16, 2024, 10:07 a.m.
Created: May 16, 2024, 10:07 a.m.
Modified: May 16, 2024, 10:31 a.m.
Indicators
feae7b2b79c533a522343ac9e1aa7f8a2cdf38691fbd333537cb15dd2ee9397e
fc779f02a40948568321d7f11b5432676e2be65f037acfed344b36cc3dac16fc
da749785033087ca5d47ee65aef2818d4ed81ef217bfd4bc07be2d0bf105b1bf
71f5ce42714289658200739ce0bbe439f6ef6fe77a5f6757b1cf21200fc59af7
4ef3a6703abc6b2b8e2cac3031c1e5b86fe8b377fde92737349ee52bd2604379
43.242.203.115
103.148.245.235
account.gommask.online
account.drive-google-com.tk
Attack Patterns
SugarGh0st RAT
UNK_SweetSpecter
T1564.003
T1059.001
T1547.001
T1059.007
T1071.001
T1562.001
T1105
T1566.001
T1027
T1072
Additional Informations
Technology
Education
Government
United States of America