Cyber security experts discovered a targeted cyber attack campaign known as UNK_SweetSpecter, which uses the SugarGh0st RAT variant to infiltrate the networks of U.S.-based organizations engaged in artificial intelligence (AI) projects.

Sophisticated cyber attack campaign targeting US-based organizations involved in AI projects using SugarGh0st RAT

The attackers deployed phishing emails with AI-themed lures to persuade targets to open a ZIP archive. While the attack methodology is not highly sophisticated, telemetry data suggests a focus on individuals connected to a leading U.S.-based AI-oriented organization, possibly motivated by espionage or intellectual property theft. The campaign coincides with U.S. government plans to restrict foreign access to generative AI. This highlights the increasing risks to the U.S. AI sector and underscores the need for enhanced cyber security vigilance. Organizations with proprietary AI tools are advised to implement multi-layered security measures and advanced threat prevention systems to detect and prevent malicious activities. Collaboration with the cyber security community, participation in threat intelligence feeds, and adoption of AI-powered cyber security tools such as Check Point’s Infinity Platform are recommended to mitigate AI-based threats.