Security firm Proofpoint has disclosed a cyberespionage campaign targeting experts in artificial intelligence (AI) across the private sector, academia, and government. This sophisticated operation, utilizing a remote access trojan (RAT) known as SugarGh0st, has primarily focused on U.S.-based specialists in generative AI.
The Campaign and Its Implications
Proofpoint’s findings align with a Reuters report from May 8, 2024, which highlighted increased U.S. measures to restrict Chinese access to generative AI technologies. The timing suggests that Chinese actors may be turning to espionage to advance their AI capabilities. Proofpoint has not definitively attributed the activity to a specific entity; it tracks the cluster behind these attacks under the provisional designation UNK_SweetSpecter.
SugarGh0st is a variant of Gh0stRAT, a trojan previously used by various Chinese groups. Cisco Talos first documented SugarGh0st in November 2023, following its deployment against government entities in Uzbekistan and South Korea. The trojan’s code contains Chinese language artifacts, and its infection methodologies bear similarities to previous incidents, supporting the hypothesis of a Mandarin-speaking threat actor.
Tactics, Techniques, and Procedures
The attackers have used phishing emails as their primary entry method, leveraging AI-related themes to lure victims. These emails, sent from free accounts, entice targets to open attached ZIP files containing .LNK files. The LNK files execute shell commands indirectly, leading to the deployment of a JavaScript dropper. The dropper performs several functions: displaying a decoy document, using an ActiveX tool for sideloading, and deploying an encrypted binary. The ActiveX library is used to execute shellcode, which launches the SugarGh0st RAT; the malware persists through a startup entry labeled CTFM0N.exe.
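The chain above (archive → LNK → shell → JavaScript dropper → startup entry named CTFM0N.exe) can be expressed as a small set of correlation rules over endpoint telemetry. The following is an added detection sketch written for this article, not Proofpoint's code or signatures. The event dictionaries are a simplified, Sysmon-like shape constructed for the example (the field names are assumptions, not a real schema), the command lines are invented approximations since the page does not quote the actual LNK commands, and the Run key path is an assumption: the report only says the entry is labeled CTFM0N.exe. The third rule goes slightly beyond the page by treating any autorun value whose name imitates a legitimate Windows binary through digit look-alikes (CTFM0N.exe versus the genuine ctfmon.exe) as suspicious.

```python
"""Added example (not Proofpoint's code): correlate a SugarGh0st-style delivery chain
in constructed, Sysmon-like endpoint events. Field names and command lines are
assumptions built for this example."""
import re

# Interpreters an LNK target commonly hands a command line to.
SHELLS = {"cmd.exe", "powershell.exe"}
# Script hosts that run a JavaScript dropper.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
# Legitimate Windows names an autorun entry may imitate (ctfmon.exe is the real one).
LEGIT_NAMES = {"ctfmon.exe", "svchost.exe", "explorer.exe", "runtimebroker.exe"}
# Digit look-alikes folded back to letters before comparing value names.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
# Explorer extracts "opened" zip members to %TEMP%\Temp1_<archive>\ ; Downloads is another lure path.
TEMP_PATH = re.compile(r"\\(Temp|Downloads)\\", re.I)
JS_FILE = re.compile(r'\.js"?\s*$', re.I)


def confusable_of(name: str):
    """Return the legitimate binary name that `name` imitates, or None."""
    lowered = name.lower()
    folded = lowered.translate(CONFUSABLES)
    if folded in LEGIT_NAMES and lowered not in LEGIT_NAMES:
        return folded
    return None


def analyze(events):
    """Return (rule_id, detail) findings, in event order, for a list of events."""
    findings = []
    lnk_shells = set()  # PIDs of shells Explorer launched against a temp/extraction path
    for ev in events:
        if ev["type"] == "process_create":
            image = ev["image"].rsplit("\\", 1)[-1].lower()
            parent = ev["parent_image"].rsplit("\\", 1)[-1].lower()
            cmd = ev["cmdline"]
            # Rule 1: Explorer (i.e. a double-clicked LNK) spawning a shell that
            # references a file in a temp or extracted-archive directory.
            if image in SHELLS and parent == "explorer.exe" and TEMP_PATH.search(cmd):
                lnk_shells.add(ev["pid"])
                findings.append(("LNK_SHELL", cmd))
            # Rule 2: a script host running a .js file, chained from such a shell.
            if image in SCRIPT_HOSTS and JS_FILE.search(cmd) and ev["parent_pid"] in lnk_shells:
                findings.append(("JS_DROPPER", cmd))
        elif ev["type"] == "registry_set":
            # Rule 3: autorun value whose name imitates a Windows binary (CTFM0N.exe).
            if ev["key"].lower().endswith("\\currentversion\\run"):
                legit = confusable_of(ev["value_name"])
                if legit:
                    findings.append(("AUTORUN_CONFUSABLE", f"{ev['value_name']} imitates {legit}"))
    return findings


# Constructed telemetry: one malicious chain plus a benign ctfmon autorun as a control.
SAMPLE_EVENTS = [
    {"type": "process_create", "pid": 1200, "parent_pid": 800,
     "image": r"C:\Windows\System32\cmd.exe", "parent_image": r"C:\Windows\explorer.exe",
     "cmdline": r'cmd.exe /c wscript.exe "C:\Users\ann\AppData\Local\Temp\Temp1_AI_Brief.zip\brief.js"'},
    {"type": "process_create", "pid": 1201, "parent_pid": 1200,
     "image": r"C:\Windows\System32\wscript.exe", "parent_image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r'wscript.exe "C:\Users\ann\AppData\Local\Temp\Temp1_AI_Brief.zip\brief.js"'},
    {"type": "registry_set", "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value_name": "CTFM0N.exe", "value_data": r"C:\Users\ann\AppData\Roaming\CTFM0N.exe"},
    {"type": "registry_set", "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value_name": "ctfmon.exe", "value_data": r"C:\Windows\System32\ctfmon.exe"},
]

if __name__ == "__main__":
    for rule, detail in analyze(SAMPLE_EVENTS):
        print(f"{rule:20} {detail}")
```

The process rules are deliberately chained through parent PIDs rather than fired independently: a script host running a .js file from a temp path is noisy on its own, but one whose parent shell was itself launched by Explorer against an extracted-archive path is a much tighter match for the delivery described here. The benign ctfmon.exe entry in the sample shows that the confusable check only fires on the imitation, not on the genuine name.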
The Scope and Objective
Proofpoint’s tracking of SugarGh0st deployment reveals a pattern of highly targeted attacks. Victims include a U.S. telecom giant, an international media house, a South Asian government body, and approximately ten individuals associated with a leading American AI organization. The specificity of these attacks and their focus on AI tools indicate the attackers’ intent to acquire sensitive, non-public information related to generative AI.
The report highlights emerging threats faced by the AI research community and suggests a potential shift in cyberespionage tactics with broad implications for global technology competition. Proofpoint’s comprehensive analysis includes indicators of compromise such as file hashes, IP addresses, and URLs, along with detection signatures, providing essential intelligence for strengthening defenses against this and similar cyber threats.
Additional Information
Proofpoint tracks the cluster responsible for this activity as UNK_SweetSpecter. In the May 2024 campaign, UNK_SweetSpecter used a free email account to send AI-themed lures, enticing targets to open attached ZIP archives. The infection chain mimicked a previously reported method by Cisco Talos, with the LNK files containing similar metadata artifacts and spoofed timestamps.
The JavaScript dropper included a decoy document, an ActiveX tool for sideloading, and an encrypted binary, all encoded in base64. The payload exhibited keylogging, command and control (C2) heartbeat protocols, and data exfiltration methods. Differences in the infection chain observed by Proofpoint included a modified registry key name for persistence, a reduced number of commands the SugarGh0st payload could execute, and a different C2 server.
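A dropper that carries its decoy document, sideloading library and encrypted payload as base64 strings leaves a recognisable static footprint: long base64 runs that decode to distinct file types, with the encrypted component standing out by having no magic bytes and near-maximal entropy. The triage script below is an added example written for this article, not Proofpoint's or Cisco Talos's tooling, and it does not reproduce any real dropper. The sample script text and the three blobs inside it are constructed (a ZIP-like header, a PE-like header and a uniform byte sequence standing in for encrypted data); the function and variable names are this example's own.

```python
"""Added example (not Proofpoint's code): extract and classify base64 blobs embedded
in a JavaScript dropper. The sample dropper text and its blobs are constructed here."""
import base64
import binascii
import math
import re

# Only long runs are interesting; short ones are ordinary identifiers or strings.
B64_RE = re.compile(r"[A-Za-z0-9+/]{64,}={0,2}")

# Magic bytes for the component types the report names (decoy, library, binary).
MAGIC = [
    (b"MZ", "PE executable (EXE/DLL, e.g. a sideloaded library)"),
    (b"PK\x03\x04", "ZIP container (Office decoy document)"),
    (b"%PDF", "PDF decoy document"),
    (b"\xd0\xcf\x11\xe0", "legacy OLE2 Office document"),
]


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: ~8.0 for encrypted/compressed data, far lower for text or sparse files."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def classify(blob: bytes) -> str:
    """Label a decoded blob by magic bytes, falling back to an entropy judgement."""
    for magic, label in MAGIC:
        if blob.startswith(magic):
            return label
    if shannon_entropy(blob) > 7.0:
        return "unknown high-entropy data (likely encrypted payload)"
    return "unknown"


def triage(script_text: str):
    """Return (offset, decoded_size, classification) for each decodable base64 run."""
    results = []
    for m in B64_RE.finditer(script_text):
        try:
            raw = base64.b64decode(m.group(0), validate=True)
        except binascii.Error:
            continue  # looked like base64 but is not (bad length/padding)
        results.append((m.start(), len(raw), classify(raw)))
    return results


def _b64(b: bytes) -> str:
    return base64.b64encode(b).decode()


# Constructed stand-ins, not real malware components.
DECOY = b"PK\x03\x04" + bytes(60)                          # ZIP-like header (OOXML decoy)
LOADER = b"MZ" + bytes(100)                                # PE-like header (sideloaded DLL)
ENCRYPTED = bytes((i * 7919) % 256 for i in range(4096))  # every byte value 16 times: entropy 8.0

SAMPLE_DROPPER = f"""
var d = "{_b64(DECOY)}";
var l = "{_b64(LOADER)}";
var p = "{_b64(ENCRYPTED)}";
// constructed sample: three base64 strings standing in for the dropper's components
"""

if __name__ == "__main__":
    for offset, size, label in triage(SAMPLE_DROPPER):
        print(f"offset={offset:6d} size={size:6d} {label}")
```

Running the triage over a real sample gives an analyst three things quickly: how many embedded components there are, which one is the decoy (a document magic), which one is the sideloading library (a PE magic), and which one is the encrypted payload (no magic, entropy near 8 bits per byte). The entropy threshold of 7.0 is a conventional cut-off; padded or sparse files such as the constructed headers above sit well below it, which is why they are classified by magic bytes first.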
Last Updated on November 7, 2024 8:21 pm CET