The cybersecurity company Proofpoint has found a new operation using the SugarGh0st Remote Access Trojan (RAT) that is going after AI research organizations in the United States.
The operation, linked to a threat cluster known as UNK_SweetSpecter, went after businesses, universities, and government agencies.
Attack Method: Emails with AI-themed bait
In its May 2024 campaign, UNK_SweetSpecter used a free email account to send AI-themed lure emails to potential victims. The emails included a zip archive file that recipients were enticed to open.
The zip file dropped an LNK shortcut file that, as soon as it was launched, invoked a JavaScript dropper.
This dropper…