Chinese Speaking Threat Actors Leveraging Open Source Tools To Target Cisco talos recently discovered an ongoing campaign from sneakychef, a newly discovered threat actor using sugargh0st malware, as early as august 2023. in the newly discovered campaign, we observed a wider scope of targets spread across countries in emea and asia, compared with previous observations that mainly targeted south korea and uzbekistan. A previously unidentified chinese speaking threat actor known as sneakychef has been implicated in an espionage campaign targeting government organizations across asia and emea (europe, middle east, and africa) using sugargh0st malware since at least august 2023.
Tracking Cybercrime Chinese Threat Actor Identified A newly identified espionage group dubbed “sneakychef” has been targeting government agencies in europe, the middle east, asia, and africa, according to cisco talos. A previously undocumented chinese speaking threat actor named sneakychef has been linked to an espionage campaign targeting government entities across asia and emea (europe, middle east, and africa) with a malware called sugargh0st since august 2023. A newly discovered threat actor, sneakychef, has been identified using sugargh0st malware in a campaign targeting government agencies across emea and asia, expanding from its focus on south korea and uzbekistan. A newly identified threat actor, dubbed sneakychef, has expanded its operations across europe, the middle east, and asia, targeting government ministries and high value diplomatic targets of angola, turkmenistan, kazakhstan, india, saudi arabia, and latvia with sugargh0st malware.
Analysis Of The Russian Speaking Threat Actor Noname 057 16 Ylabs A newly discovered threat actor, sneakychef, has been identified using sugargh0st malware in a campaign targeting government agencies across emea and asia, expanding from its focus on south korea and uzbekistan. A newly identified threat actor, dubbed sneakychef, has expanded its operations across europe, the middle east, and asia, targeting government ministries and high value diplomatic targets of angola, turkmenistan, kazakhstan, india, saudi arabia, and latvia with sugargh0st malware. According to cisco talos researchers, the group is assessed with "medium confidence" as likely being chinese speaking and has been active since at least august 2023, targeting various countries across the emea and asia regions with the malware sugargh0st and spicerat. Sneakychef is a threat actor known for using the sugargh0st rat to target government agencies, research institutions, and organizations worldwide. they have been active since at least august 2023, with a focus on leveraging old and new command and control domains. This presentation is about a malicious campaign operated by a chinese speaking threat actor, sneakychef, targeting government agencies, likely the ministry of external foreign affairs or embassies of various countries since as early as 2023, using sugargh0st rat and spicerat. This stealthy, sophisticated malware has targeted diplomatic entities across asia and africa, staying hidden in systems for months! 🕵️♂️ here’s why moriya is a serious cyber threat.
Comments are closed.