SugarGh0st RAT Returns: New Variant Used to Spy on US AI Experts

Security researchers from Proofpoint have discovered that a hacker group, presumably operating in the interest of China, is using a new version of the SugarGh0st RAT malware to steal information from artificial intelligence experts in private American companies, government agencies, and academia.

The malicious campaign, dubbed “UNK_SweetSpecter,” was first identified by researchers earlier this month. According to a report published on May 16, the attackers employ phishing emails with AI-related themes to distribute the SugarGh0st remote access trojan (RAT) to a select group of specialists.

Proofpoint’s analysis revealed that the campaign targeted fewer than ten individuals, all directly associated with a leading American AI organization (the name of the organization has not been disclosed). Researchers believe the attack aimed to obtain proprietary information about generative artificial intelligence.

Cisco Talos researchers first discovered the SugarGh0st RAT in November last year when it was used by a suspected Chinese hacker group for cyber espionage and surveillance of government officials in Uzbekistan and South Korea. Analysis showed that it is a modified version of the Gh0st RAT, which first appeared in 2008 when the Chinese hacker group “C. Rufus Security Team” made its source code publicly available.

SugarGh0st RAT differs from the original in several enhanced capabilities, such as checking for specific ODBC registry keys, data exfiltration, and lateral movement. Another new feature is the ability to download and execute malicious code from files with specific extensions and function names. Additionally, the malware allows remote operators to execute custom commands via a C2 interface.

During the “UNK_SweetSpecter” campaign, the attackers sent their targets emails with AI-related themes and an attached archive. The email text indicated that the sender had encountered issues using a particular AI tool and requested assistance in resolving these issues or forwarding them to technical staff.

Upon opening the archive, a malicious shortcut was found inside, similar to what Cisco Talos had previously discovered. This shortcut deployed a JavaScript dropper containing a lure document, an ActiveX tool for side-loading, and an encrypted binary file. As a result of executing the shortcut, SugarGh0st was installed on the compromised system, which then connected to the attackers’ C2 server.
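The delivery chain described above (an archive whose shortcut launches a script dropper) is something an email gateway or attachment sandbox can triage before a user ever double-clicks it. The script below is an added example written for this article, not tooling from Proofpoint or Cisco Talos: it inspects an attachment archive for Windows shell link (.lnk) entries, identified by the fixed header from the MS-SHLLINK specification rather than by file name alone, and for script droppers and double extensions of the "report.pdf.lnk" kind. The archive it examines is constructed inline and contains no real malware.

```python
"""Triage an attachment archive for the shortcut -> script-dropper delivery chain.
Added example; the sample archive is constructed for illustration."""
from __future__ import annotations

import io
import zipfile

# Fixed header of a Windows Shell Link (.lnk): HeaderSize 0x0000004C followed by
# the LinkCLSID {00021401-0000-0000-C000-000000000046}, both little-endian.
LNK_MAGIC = b"L\x00\x00\x00\x01\x14\x02\x00\x00\x00\x00\x00\xc0\x00\x00\x00\x00\x00\x00\x46"

SCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".hta"}
SHORTCUT_EXTS = {".lnk"}


def classify_entry(name: str, data: bytes) -> list[str]:
    """Return the reasons one archive entry looks suspicious (empty list if none)."""
    reasons: list[str] = []
    lower = name.lower()
    ext = lower[lower.rfind("."):] if "." in lower else ""
    if data.startswith(LNK_MAGIC):
        reasons.append("shell link header")        # real type, regardless of name
    if ext in SHORTCUT_EXTS:
        reasons.append("shortcut extension")
    if ext in SCRIPT_EXTS:
        reasons.append("script extension")
    # 'report.pdf.lnk' shows as 'report.pdf' when Explorer hides known extensions.
    if lower.count(".") >= 2 and ext in SHORTCUT_EXTS | SCRIPT_EXTS:
        reasons.append("double extension")
    return reasons


def triage_archive(zip_bytes: bytes) -> dict[str, list[str]]:
    """Map each suspicious entry name to its reasons; benign entries are omitted."""
    findings: dict[str, list[str]] = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(64)   # the first bytes are enough to spot an LNK header
            reasons = classify_entry(info.filename, head)
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample_archive() -> bytes:
    """Constructed sample: a lure-style folder with a disguised shortcut (not real malware)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AI tool issue/notes.txt", "see the attached report")
        zf.writestr("AI tool issue/report.pdf.lnk", LNK_MAGIC + b"\x00" * 40)
    return buf.getvalue()


if __name__ == "__main__":
    for entry, why in triage_archive(build_sample_archive()).items():
        print(f"{entry}: {', '.join(why)}")
```

Checking the header bytes matters because an attacker controls the file name; a mail filter that only blocks the `.lnk` extension is trivially bypassed, whereas the link header is what Windows itself uses to treat the file as a shortcut.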

Proofpoint speculates that this campaign aims to steal generative AI secrets. This field is highly attractive to attackers, who are striving to extract valuable information from large companies.

Earlier this year, the U.S. Department of Justice charged a Google engineer with stealing AI secrets and attempting to use them at two Chinese technology companies, one of which he founded.

This malicious campaign underscores the growing threat of cyber espionage in advanced technology fields such as artificial intelligence. Companies and researchers must raise awareness of such threats and adopt enhanced security measures to protect their developments and confidential information from cyberattacks.

As AI increasingly penetrates various industries and becomes more significant, protecting intellectual property in this domain becomes a critically important task for both private companies and entire nations.