SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques
released on 2024-06-24 @ 08:11:27 AM
A recently discovered threat actor, dubbed 'SneakyChef,' has been conducting an ongoing espionage campaign targeting government agencies across different regions, primarily utilizing the SugarGh0st malware. The group employs decoy documents impersonating government entities and infects victims through techniques like malicious RAR files and VBScript. Targets span multiple countries, with a focus on ministries of foreign affairs, embassies, and related government sectors. The report provides an analysis of the group's tactics, lure samples, and infection chains.