A recent cyber espionage campaign has been identified by researchers, targeting AI experts in the United States and aiming to steal generative artificial intelligence (AI) secrets. The threat actor behind this campaign, known as “UNK_SweetSpecter,” utilizes a remote access trojan (RAT) malware called SugarGh0st to infiltrate the systems of AI experts from various sectors such as tech companies, government agencies, and academic institutions.
Initially reported in November 2023, the SugarGh0st RAT is a custom variant of the Gh0st RAT, which was first linked to a Chinese threat group in 2008. Researchers believe that the UNK_SweetSpecter threat actor is likely of Chinese origin, based on the tactics and tools used in the campaign.
The targets of this cyber espionage campaign were all connected to a prominent US-based AI organization and were lured with AI-themed emails. The attack chain involved a malicious email from a free account, containing a zip file with a JavaScript dropper that deployed the SugarGh0st RAT on the victim’s system. The threat actor behind the campaign constantly shifted their command and control server to evade detection.
Despite the relatively unsophisticated nature of the malware, the targeted approach towards AI experts makes this campaign significant. The researchers noted that the SugarGh0st RAT has been previously used in targeted campaigns in Central and East Asia, emphasizing the threat actor’s specific interest in AI secrets.
While direct attribution to a specific nation-state is challenging, researchers found Chinese language artifacts and precise targeting of AI experts, suggesting a possible link to China-linked threat actors. This campaign coincides with the US government’s efforts to restrict Chinese access to generative AI technologies, with new regulations aimed at controlling the export of AI models and data to countries deemed hostile to US interests.
Earlier reports by Microsoft indicated attempts by Chinese, Russian, North Korean, and Iranian threat actors to leverage AI tools for their campaigns. Chinese threat actors were observed enhancing their technical capabilities with AI tools, while Russian threat actors focused on research related to satellite and radar technologies, possibly linked to the conflict in Ukraine.
The ongoing regulatory efforts to restrict proprietary AI models have led researchers to theorize that this cyber espionage campaign is an attempt by a China-affiliated actor to steal generative AI secrets before the new policies are enforced. By targeting AI experts in the US, the threat actor aims to gain a strategic advantage in the AI research field.
In conclusion, the cyber espionage campaign orchestrated by the UNK_SweetSpecter threat actor highlights the ongoing challenges in safeguarding AI technologies and the need for enhanced cybersecurity measures to protect valuable intellectual property from malicious actors. The evolving landscape of cyber threats underscores the importance of continuous vigilance and collaboration among researchers, policymakers, and industry stakeholders to mitigate the risks associated with AI espionage.