June 21, 2024 at 04:51PM Chinese APT group “SneakyChef” has been engaging in government cyberespionage across various countries, using the SugarGh0st RAT and lately the SpiceRAT. Targeting ministries and embassies, they employ SFX RAR files to deliver malware and decoy documents. Their tactics aim to gather data and establish footholds for future, more sophisticated attacks. … Read more
December 1, 2023 at 06:24AM A Chinese-speaking cyberespionage group has launched a campaign using SugarGh0st RAT to target Uzbekistan’s Foreign Affairs Ministry and South Korean individuals. The malware, delivered via phishing emails with malicious attachments, allows remote control and has been active since August 2023. Connections to Chinese hackers are suggested by RAT’s traits and … Read more
November 30, 2023 at 04:08PM A modified “Gh0st RAT” malware, called “SugarGh0st,” has been targeting South Koreans and Uzbekistan’s Ministry of Foreign Affairs. Distributed via phishing with decoy documents, the updated malware evades detection and allows remote access, data theft, and system manipulation. Originating from March 2008, Gh0st RAT remains effective due to its adaptability … Read more