Chinese hackers are reportedly using a malware strain called SugarGh0st, which is a variant of Gh0st RAT, to target the Uzbekistan Ministry of Foreign Affairs. The attacks commenced in August, with decoy documents disguising the malware. Researchers believe the initial attack vector was a phishing email with a malicious file attached. The hackers, believed to be Chinese-speaking, also targeted individuals in South Korea with documents written in Korean. Earlier campaigns used Gh0st RAT to target entities in Uzbekistan and other Asian countries.
![](https://healsecurity.com/wp-content/uploads/2024/07/group-ibs-threat-intelligence-and-defence-centre-equip-undergraduates-with-sophisticated.jpg)
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some