SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques
Essential information
- Published: 24/06/2024 08:11
- Modified: 24/06/2024 09:00
- Tags: 2024-06-24, apt, espionage, government, phishing, rat, spicerat, sugargh0st
- Related entities: 148 observables, 1 intrusion set (apt), 8 techniques (mitre), 2 malware, 8 others
Description
A recently discovered threat actor, dubbed 'SneakyChef,' has been conducting an ongoing espionage campaign targeting government agencies across different regions, primarily utilizing the SugarGh0st malware. The group employs decoy documents impersonating government entities and infects victims through techniques like malicious RAR files and VBScript. Targets span multiple countries, with a focus on ministries of foreign affairs, embassies, and related government sectors. The report provides an analysis of the group's tactics, lure samples, and infection chains.