We're not talking about cryptocurrency as much as we used to, but there are still plenty of scammers out there

June 28, 2024, 7:57 a.m.

Description

While cryptocurrency and blockchain have lost mainstream attention, cybercriminals continue to exploit these technologies through various scams like memecoins, rug pulls, and unregulated social media platforms. This report also highlights the SneakyChef threat actor's ongoing campaign targeting government agencies, delivering SugarGh0st and SpiceRAT malware. Despite previous disclosures, SneakyChef persists with the same tactics, techniques, and procedures (TTPs) and command-and-control (C2) infrastructure.

External References

https://blog.talosintelligence.com/threat-source-newsletter-june-27-2024/
https://otx.alienvault.com/pulse/667e67d37bd6cbcb85853618
Tags
espionage
cryptocurrency
sugargh0st
spicerat
2024-06-28

Date

  • Created: June 28, 2024, 7:35 a.m.
  • Published: June 28, 2024, 7:35 a.m.
  • Modified: June 28, 2024, 7:57 a.m.

Indicators

  • a024a18e27707738adcd7b5a740c5a93534b4b8c9d3b947f6d85740af19d17d0
  • 9be2103d3418d266de57143c2164b31c27dfa73c22e42137f3fe63a21f793202
  • 484c74d529eb1551fc2ddfe3c821a7a87113ce927cf22d79241030c2b4a4aa74
  • a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91
Download all indicators here!

Attack Patterns

  • SugarGh0st
  • SpiceRAT
  • SneakyChef

Additional Informations

  • Government
  • Turkmenistan
  • Angola
  • British Indian Ocean Territory
  • Latvia
  • India
  • Saudi Arabia
  • Kazakhstan

Linked vulnerabilities

CVE-2024-5806

7.4
    Progress MOVEit Transfer (SFTP module)
Published: June 25, 2024