Security researchers have identified a cyberespionage campaign targeting artificial intelligence experts in the US using the SugarGh0st RAT. The attackers, suspected to be Chinese, sent phishing emails pretending to seek help with AI-related issues, luring victims to open ZIP files containing malicious code. This campaign, attributed to a Chinese-speaking threat actor, bears similarities to previous attacks using the same trojan
The SugarGh0st RAT establishes a connection to a remote server, allowing attackers to collect information and execute commands on the infected systems. The highly targeted nature of these attacks, which have included US companies, media organizations, and government entities, suggests a specific interest in generative AI information. Proofpoint has provided indicators of compromise for detection and further investigation. https://www.csoonline.com/article/2111003/us-ai-experts-targeted-in-cyberespionage-campaign-using-sugargh0st-rat.html