SugarGh0st RAT: Difference between revisions
Content deleted Content added
No edit summary |
Marquardtika (talk | contribs) mNo edit summary |
||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 4: | Line 4: | ||
<!-- Once discussion is closed, please place on talk page: {{Old AfD multi|page=SugarGh0st RAT|date=12 October 2024|result='''keep'''}} --> |
<!-- Once discussion is closed, please place on talk page: {{Old AfD multi|page=SugarGh0st RAT|date=12 October 2024|result='''keep'''}} --> |
||
<!-- End of AfD message, feel free to edit beyond this point -->{{notability|date=October 2024}} |
<!-- End of AfD message, feel free to edit beyond this point -->{{notability|date=October 2024}} |
||
'''SugarGh0st [[Remote access trojan|RAT]]''' is a [[Microsoft Windows|Windows]] [[malware]] program (a customized variant of Gh0stRAT), utilized in [[Cyberattack|cyberattacks]] since August 2023.<ref>{{Cite web|url=https://interestingengineering.com/science/sugargh0st-sneakychef-cyberespionage|title=SugarGh0st: China-linked espionage malware targets diplomatic circles|first=Amal Jos|last=Chacko|website=Interesting Engineering}}</ref><ref>{{Cite web|url=https://thecyberexpress.com/sugargh0st-campaign-targets-ai-experts/|title=SugarGh0st RAT Campaign Targets U.S. AI Experts|date=May 17, 2024}}</ref><ref>https://thehackernews.com/2024/05/china-linked-hackers-adopt-two-stage.html</ref><ref>{{Cite web|url=https://www.darkreading.com/cyberattacks-data-breaches/us-ai-experts-targeted-in-sugargh0st-rat-campaign|title=US AI Experts Targeted in SugarGh0st RAT Campaign|website=www.darkreading.com}}</ref> |
'''SugarGh0st [[Remote access trojan|RAT]]''' is a [[Microsoft Windows|Windows]] [[malware]] program (a customized variant of Gh0stRAT), utilized in [[Cyberattack|cyberattacks]] since August 2023, first documented by [[Cisco Talos]].<ref>{{Cite web|url=https://interestingengineering.com/science/sugargh0st-sneakychef-cyberespionage|title=SugarGh0st: China-linked espionage malware targets diplomatic circles|first=Amal Jos|last=Chacko|website=Interesting Engineering}}</ref><ref>{{Cite web|url=https://thecyberexpress.com/sugargh0st-campaign-targets-ai-experts/|title=SugarGh0st RAT Campaign Targets U.S. AI Experts|date=May 17, 2024}}</ref><ref>{{cite web | url=https://thehackernews.com/2024/05/china-linked-hackers-adopt-two-stage.html | title=China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT }}</ref><ref>{{Cite web|url=https://www.darkreading.com/cyberattacks-data-breaches/us-ai-experts-targeted-in-sugargh0st-rat-campaign|title=US AI Experts Targeted in SugarGh0st RAT Campaign|website=www.darkreading.com}}</ref> |
||
It was used to attack government agencies,<ref>{{Cite web|url=https://gbhackers.com/new-rat-malware-sneakychef-sugarghost-attack-windows-systems/|title=New RAT Malware SneakyChef & SugarGhost Attack Windows Systems|date=June 24, 2024}}</ref> in EMEA and Asia.<ref>{{Cite web|url=https://blog.talosintelligence.com/sneakychef-sugargh0st-rat/|title=SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques|date=June 21, 2024|website=Cisco Talos Blog}}</ref> |
It was used to attack government agencies and the private sector,<ref>{{Cite web|url=https://gbhackers.com/new-rat-malware-sneakychef-sugarghost-attack-windows-systems/|title=New RAT Malware SneakyChef & SugarGhost Attack Windows Systems|date=June 24, 2024}}</ref> in EMEA and Asia ([[cyberespionage]], surveillance campaign and [[data theft]]).<ref>{{Cite web|url=https://blog.talosintelligence.com/sneakychef-sugargh0st-rat/|title=SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques|date=June 21, 2024|website=Cisco Talos Blog}}</ref> |
||
In 2024 it was reported an email phishing campaign using this malware targeting US [[Artificial intelligence|AI]] experts (for example, employees of [[OpenAI]] company).<ref>{{Cite web|url=https://www.hstoday.us/subject-matter-areas/cybersecurity/u-s-ai-experts-targeted-in-sugargh0st-rat-campaign/|title=U.S. AI Experts Targeted in SugarGh0st RAT Campaign - HS Today|date=May 22, 2024|website=www.hstoday.us}}</ref><ref>{{Cite web|url=https://www.csoonline.com/article/2111003/us-ai-experts-targeted-in-cyberespionage-campaign-using-sugargh0st-rat.html|title=US AI experts targeted in cyberespionage campaign using SugarGh0st RAT|website=CSO Online}}</ref><ref>{{Cite web|url=https://arstechnica.com/tech-policy/2024/10/using-chatgpt-to-make-fake-social-media-posts-backfires-on-bad-actors/|title=Using ChatGPT to make fake social media posts backfires on bad actors|first=Ashley|last=Belanger|date=October 10, 2024|website=Ars Technica}}</ref><ref>{{Cite web|url=https://www.infosecurity-magazine.com/news/sugargh0st-rat-targeted-ai/|title=SugarGh0st RAT Variant Used in Targeted AI Industry Attacks|first=Alessandro|last=Mascellino|date=May 16, 2024|website=Infosecurity Magazine}}</ref><ref>{{Cite web|url=https://securityonline.info/sugargh0st-rat-targets-u-s-artificial-intelligence-experts/|title=SugarGh0st RAT Targets U.S. Artificial Intelligence Experts|first=do|last=son|date=May 17, 2024|website=Cybersecurity News}}</ref><ref>{{Cite web|url=https://www.cybersecurity-review.com/sugargh0st-rat-used-to-target-american-artificial-intelligence-experts/|title=SugarGh0st RAT Used to Target American Artificial Intelligence Experts - Cyber Security Review|website=www.cybersecurity-review.com}}</ref> |
In May 2024 it was reported an email phishing campaign (spotted first by [[Proofpoint, Inc.|Proofpoint]]) from [[threat actor]] [[SweetSpecter]], using this malware, targeting US [[Artificial intelligence|AI]] experts from government services, academia, US companies (for example, employees of [[OpenAI]] company), with the intention of obtaining non-public information.<ref>{{Cite web|url=https://www.hstoday.us/subject-matter-areas/cybersecurity/u-s-ai-experts-targeted-in-sugargh0st-rat-campaign/|title=U.S. AI Experts Targeted in SugarGh0st RAT Campaign - HS Today|date=May 22, 2024|website=www.hstoday.us}}</ref><ref>{{Cite web|url=https://www.csoonline.com/article/2111003/us-ai-experts-targeted-in-cyberespionage-campaign-using-sugargh0st-rat.html|title=US AI experts targeted in cyberespionage campaign using SugarGh0st RAT|website=CSO Online}}</ref><ref>{{Cite web|url=https://arstechnica.com/tech-policy/2024/10/using-chatgpt-to-make-fake-social-media-posts-backfires-on-bad-actors/|title=Using ChatGPT to make fake social media posts backfires on bad actors|first=Ashley|last=Belanger|date=October 10, 2024|website=Ars Technica}}</ref><ref>{{Cite web|url=https://www.infosecurity-magazine.com/news/sugargh0st-rat-targeted-ai/|title=SugarGh0st RAT Variant Used in Targeted AI Industry Attacks|first=Alessandro|last=Mascellino|date=May 16, 2024|website=Infosecurity Magazine}}</ref><ref>{{Cite web|url=https://securityonline.info/sugargh0st-rat-targets-u-s-artificial-intelligence-experts/|title=SugarGh0st RAT Targets U.S. Artificial Intelligence Experts|first=do|last=son|date=May 17, 2024|website=Cybersecurity News}}</ref><ref>{{Cite web|url=https://www.cybersecurity-review.com/sugargh0st-rat-used-to-target-american-artificial-intelligence-experts/|title=SugarGh0st RAT Used to Target American Artificial Intelligence Experts - Cyber Security Review|website=www.cybersecurity-review.com|date=16 May 2024 }}</ref> |
||
==See also== |
==See also== |
||
Latest revision as of 16:25, 25 October 2024
An editor has nominated this article for deletion. You are welcome to participate in the deletion discussion, which will decide whether or not to retain it. |
 | The topic of this article may not meet Wikipedia's general notability guideline. (October 2024) |
SugarGh0st RAT is a Windows malware program (a customized variant of Gh0stRAT), utilized in cyberattacks since August 2023, first documented by Cisco Talos.[1][2][3][4] It was used to attack government agencies and the private sector,[5] in EMEA and Asia (cyberespionage, surveillance campaign and data theft).[6] In May 2024 it was reported an email phishing campaign (spotted first by Proofpoint) from threat actor SweetSpecter, using this malware, targeting US AI experts from government services, academia, US companies (for example, employees of OpenAI company), with the intention of obtaining non-public information.[7][8][9][10][11][12]
See also
[edit]References
[edit]- ^ Chacko, Amal Jos. "SugarGh0st: China-linked espionage malware targets diplomatic circles". Interesting Engineering.
- ^ "SugarGh0st RAT Campaign Targets U.S. AI Experts". May 17, 2024.
- ^ "China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT".
- ^ "US AI Experts Targeted in SugarGh0st RAT Campaign". www.darkreading.com.
- ^ "New RAT Malware SneakyChef & SugarGhost Attack Windows Systems". June 24, 2024.
- ^ "SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques". Cisco Talos Blog. June 21, 2024.
- ^ "U.S. AI Experts Targeted in SugarGh0st RAT Campaign - HS Today". www.hstoday.us. May 22, 2024.
- ^ "US AI experts targeted in cyberespionage campaign using SugarGh0st RAT". CSO Online.
- ^ Belanger, Ashley (October 10, 2024). "Using ChatGPT to make fake social media posts backfires on bad actors". Ars Technica.
- ^ Mascellino, Alessandro (May 16, 2024). "SugarGh0st RAT Variant Used in Targeted AI Industry Attacks". Infosecurity Magazine.
- ^ son, do (May 17, 2024). "SugarGh0st RAT Targets U.S. Artificial Intelligence Experts". Cybersecurity News.
- ^ "SugarGh0st RAT Used to Target American Artificial Intelligence Experts - Cyber Security Review". www.cybersecurity-review.com. 16 May 2024.
 | This malware-related article is a stub. You can help Wikipedia by expanding it. |
