A likely Chinese threat actor is using a recent variant of the notorious Gh0st RAT malware to try and steal information from artificial intelligence experts in US companies, government agencies, and academia.
Researchers at security vendor Proofpoint first spotted the campaign earlier this month and are tracking the previously unknown threat actor behind it as “UNK_SweetSpecter.”
In a report released on May 16, the security vendor identified the group as using an AI-themed phishing lure to distribute a remote access trojan (RAT) called SugarGh0st to a highly selective list of AI experts. “The May 2024 campaign appeared to target less than 10 individuals, all of whom appear to have a direct connection to a single leading US-based artificial intelligence organization according to open source research,” Proofpoint said.
Read the rest of the story at DARK READING.