SugarGh0st RAT: Difference between revisions
Content deleted Content added
Added tags to the page using Page Curation (notability) |
No edit summary |
||
| (25 intermediate revisions by 4 users not shown) | |||
| Line 1: | Line 1: | ||
<!-- Please do not remove or change this AfD message until the discussion has been closed. --> |
|||
{{notability|date=October 2024}} |
|||
<!-- The nomination page for this article already existed when this tag was added. If this was because the article had been nominated for deletion before, and you wish to renominate it, please replace "page=SugarGh0st RAT" with "page=SugarGh0st RAT (2nd nomination)" below before proceeding with the nomination. |
|||
'''SugarGh0st [[Remote access trojan|RAT]]''' is a [[Microsoft Windows|Windows]] [[malware]] program utilized in attacks since August 2023.<ref>https://www.pcrisk.com/removal-guides/28601-sugargh0st-rat</ref><ref>https://www.proofpoint.com/us/blog/threat-insight/security-brief-artificial-sweetener-sugargh0st-rat-used-target-american</ref><ref>https://github.com/Cisco-Talos/osquery_queries/blob/master/win_malware/sugargh0st_rat_registry_key.yaml</ref><ref>https://www.linkedin.com/pulse/new-rat-malware-sneakychef-sugarghost-attack-windows-klepuszewski-wtjgc/</ref> |
|||
-->{{Article for deletion/dated|page=SugarGh0st RAT|timestamp=20241012161137|year=2024|month=October|day=12|substed=yes}} |
|||
<!-- Once discussion is closed, please place on talk page: {{Old AfD multi|page=SugarGh0st RAT|date=12 October 2024|result='''keep'''}} --> |
|||
<!-- End of AfD message, feel free to edit beyond this point -->{{notability|date=October 2024}} |
|||
'''SugarGh0st [[Remote access trojan|RAT]]''' is a [[Microsoft Windows|Windows]] [[malware]] program (a customized variant of Gh0stRAT), utilized in [[Cyberattack|cyberattacks]] since August 2023, first documented by [[Cisco Talos]].<ref>{{Cite web|url=https://interestingengineering.com/science/sugargh0st-sneakychef-cyberespionage|title=SugarGh0st: China-linked espionage malware targets diplomatic circles|first=Amal Jos|last=Chacko|website=Interesting Engineering}}</ref><ref>{{Cite web|url=https://thecyberexpress.com/sugargh0st-campaign-targets-ai-experts/|title=SugarGh0st RAT Campaign Targets U.S. AI Experts|date=May 17, 2024}}</ref><ref>https://thehackernews.com/2024/05/china-linked-hackers-adopt-two-stage.html</ref><ref>{{Cite web|url=https://www.darkreading.com/cyberattacks-data-breaches/us-ai-experts-targeted-in-sugargh0st-rat-campaign|title=US AI Experts Targeted in SugarGh0st RAT Campaign|website=www.darkreading.com}}</ref> |
|||
It was used to attack government agencies and the private sector,<ref>{{Cite web|url=https://gbhackers.com/new-rat-malware-sneakychef-sugarghost-attack-windows-systems/|title=New RAT Malware SneakyChef & SugarGhost Attack Windows Systems|date=June 24, 2024}}</ref> in EMEA and Asia ([[cyberespionage]], surveillance campaign and [[data theft]]).<ref>{{Cite web|url=https://blog.talosintelligence.com/sneakychef-sugargh0st-rat/|title=SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques|date=June 21, 2024|website=Cisco Talos Blog}}</ref> |
|||
In May 2024 it was reported an email phishing campaign (spotted first by [[Proofpoint, Inc.|Proofpoint]]) from [[threat actor]] [[SweetSpecter]], using this malware, targeting US [[Artificial intelligence|AI]] experts from goverment services, academia, US companies (for example, employees of [[OpenAI]] company), with the intention of obtaining non-public information.<ref>{{Cite web|url=https://www.hstoday.us/subject-matter-areas/cybersecurity/u-s-ai-experts-targeted-in-sugargh0st-rat-campaign/|title=U.S. AI Experts Targeted in SugarGh0st RAT Campaign - HS Today|date=May 22, 2024|website=www.hstoday.us}}</ref><ref>{{Cite web|url=https://www.csoonline.com/article/2111003/us-ai-experts-targeted-in-cyberespionage-campaign-using-sugargh0st-rat.html|title=US AI experts targeted in cyberespionage campaign using SugarGh0st RAT|website=CSO Online}}</ref><ref>{{Cite web|url=https://arstechnica.com/tech-policy/2024/10/using-chatgpt-to-make-fake-social-media-posts-backfires-on-bad-actors/|title=Using ChatGPT to make fake social media posts backfires on bad actors|first=Ashley|last=Belanger|date=October 10, 2024|website=Ars Technica}}</ref><ref>{{Cite web|url=https://www.infosecurity-magazine.com/news/sugargh0st-rat-targeted-ai/|title=SugarGh0st RAT Variant Used in Targeted AI Industry Attacks|first=Alessandro|last=Mascellino|date=May 16, 2024|website=Infosecurity Magazine}}</ref><ref>{{Cite web|url=https://securityonline.info/sugargh0st-rat-targets-u-s-artificial-intelligence-experts/|title=SugarGh0st RAT Targets U.S. Artificial Intelligence Experts|first=do|last=son|date=May 17, 2024|website=Cybersecurity News}}</ref><ref>{{Cite web|url=https://www.cybersecurity-review.com/sugargh0st-rat-used-to-target-american-artificial-intelligence-experts/|title=SugarGh0st RAT Used to Target American Artificial Intelligence Experts - Cyber Security Review|website=www.cybersecurity-review.com}}</ref> |
|||
==See also== |
==See also== |
||
Latest revision as of 15:58, 20 October 2024
An editor has nominated this article for deletion. You are welcome to participate in the deletion discussion, which will decide whether or not to retain it. |
 | The topic of this article may not meet Wikipedia's general notability guideline. (October 2024) |
SugarGh0st RAT is a Windows malware program (a customized variant of Gh0stRAT), utilized in cyberattacks since August 2023, first documented by Cisco Talos.[1][2][3][4] It was used to attack government agencies and the private sector,[5] in EMEA and Asia (cyberespionage, surveillance campaign and data theft).[6] In May 2024 it was reported an email phishing campaign (spotted first by Proofpoint) from threat actor SweetSpecter, using this malware, targeting US AI experts from goverment services, academia, US companies (for example, employees of OpenAI company), with the intention of obtaining non-public information.[7][8][9][10][11][12]
See also
[edit]References
[edit]- ^ Chacko, Amal Jos. "SugarGh0st: China-linked espionage malware targets diplomatic circles". Interesting Engineering.
- ^ "SugarGh0st RAT Campaign Targets U.S. AI Experts". May 17, 2024.
- ^ https://thehackernews.com/2024/05/china-linked-hackers-adopt-two-stage.html
- ^ "US AI Experts Targeted in SugarGh0st RAT Campaign". www.darkreading.com.
- ^ "New RAT Malware SneakyChef & SugarGhost Attack Windows Systems". June 24, 2024.
- ^ "SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques". Cisco Talos Blog. June 21, 2024.
- ^ "U.S. AI Experts Targeted in SugarGh0st RAT Campaign - HS Today". www.hstoday.us. May 22, 2024.
- ^ "US AI experts targeted in cyberespionage campaign using SugarGh0st RAT". CSO Online.
- ^ Belanger, Ashley (October 10, 2024). "Using ChatGPT to make fake social media posts backfires on bad actors". Ars Technica.
- ^ Mascellino, Alessandro (May 16, 2024). "SugarGh0st RAT Variant Used in Targeted AI Industry Attacks". Infosecurity Magazine.
- ^ son, do (May 17, 2024). "SugarGh0st RAT Targets U.S. Artificial Intelligence Experts". Cybersecurity News.
- ^ "SugarGh0st RAT Used to Target American Artificial Intelligence Experts - Cyber Security Review". www.cybersecurity-review.com.
 | This malware-related article is a stub. You can help Wikipedia by expanding it. |