Thursday, August 7 2025

Bangladeshi govt/law enforcement email accounts compromised

A coordinated phishing campaign targeting critical Bangladeshi infrastructure, particularly government organizations and law enforcement agencies, has been uncovered and reported by BGD e-Gov CIRT. The attack leveraged compromised official email credentials to distribute fraudulent emails containing malicious attachments and deceptive login pages.

Source: BGD e-GOV CIRT

📌 Key Attack Techniques:

Email Spoofing Using Trusted Accounts:
Attackers sent phishing emails from seemingly legitimate government or law enforcement addresses.

Malicious Links via Image Files:
Embedded phishing links within .jpeg or .png files disguised as attachments.

Password-Protected .docx Files:
Used to bypass filters; some contained Trojan droppers initiating infection chains.

Deceptive Domains & Hosting Abuse:

Example:
https://mail-baf-mil-bd-fils-cas-visit-to-chi[.]netlify[.]app
Mimics official military/government domains
Hosted on Netlify for SSL and trusted infrastructure abuse
Backend connected to attacker infrastructure

Credential Harvesting via Fake Forms:
HTML phishing forms collected user credentials under fake fields like “pdf” and “sweet”.

Evading Detection:
Hidden JavaScript loaders to mask login forms
Developer tools and right-clicks disabled
Use of misleading file extensions such as .ttt, .url, and .html

🎯 Primary Targets:
Law Enforcement Agencies
Government Organizations

🛑 Indicators of Compromise (IOCs):

Source: BGD e-GOV CIRT

Suspicious IPs:
18.208.88[.]157
45.95.161[.]15
88.119.161[.]40
173.239.196[.]4 / .157 / .158

Malicious Files:

Password-protected .doc files (Trojan)
Fake image viewers or .pdf loaders

Deceptive Domains:
mail.mofa.govnp[.]org
mx1.nepal.govnp[.]org
nitc.govnp[.]org
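
A defender-side check for the indicators and look-alike patterns listed above, as an added example that is not part of the original advisory. The `PROTECTED` and `SHARED_HOSTING` lists are assumptions to adapt per organisation; the IPs and domains are the ones on this page, with the `/ .157 / .158` shorthand expanded.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Indicators copied from the advisory text above (defanged form kept as published).
IOC_IPS = {"18.208.88[.]157", "45.95.161[.]15", "88.119.161[.]40",
           "173.239.196[.]4", "173.239.196[.]157", "173.239.196[.]158"}
IOC_DOMAINS = {"mail.mofa.govnp[.]org", "mx1.nepal.govnp[.]org", "nitc.govnp[.]org"}
# Assumptions for this sketch: shared-hosting suffixes to watch and the
# official suffixes an organisation wants to protect from look-alikes.
SHARED_HOSTING = ("netlify.app",)
PROTECTED = ("mil.bd", "gov.bd", "gov.np")

def refang(value):
    return value.replace("[.]", ".")

BAD_IPS = {ipaddress.ip_address(refang(i)) for i in IOC_IPS}
BAD_DOMAINS = {refang(d) for d in IOC_DOMAINS}

def host_of(url):
    """Extract the lower-cased hostname from a (possibly defanged) URL or bare host."""
    url = refang(url.strip())
    if "://" not in url:
        url = "//" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def classify(url):
    """Return the reasons a URL's host is suspicious (empty list if none)."""
    host, reasons = host_of(url), []
    try:
        if ipaddress.ip_address(host) in BAD_IPS:
            reasons.append("ioc-ip")
        return reasons
    except ValueError:
        pass  # not an IP literal, continue with name checks
    if any(host == d or host.endswith("." + d) for d in BAD_DOMAINS):
        reasons.append("ioc-domain")
    if any(host == p or host.endswith("." + p) for p in PROTECTED):
        return reasons  # genuinely under an official suffix
    squashed = re.sub(r"[^a-z0-9]", "", host)
    for p in PROTECTED:
        # "mil-bd" inside a label, or "govnp" once separators are removed
        if p.replace(".", "-") in host:
            reasons.append(f"hyphenated-lookalike:{p}")
        elif p.replace(".", "") in squashed:
            reasons.append(f"glued-lookalike:{p}")
    lookalike = any("lookalike" in r for r in reasons)
    if lookalike and any(host.endswith("." + s) for s in SHARED_HOSTING):
        reasons.append("shared-hosting")
    return reasons
```

Run `classify()` over URLs extracted from mail bodies, attachments and proxy logs; a valid TLS certificate on the shared-hosting host is not evidence of legitimacy.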

Recommended Actions:

DO NOT click unknown links or open unexpected attachments.
Verify senders, even if using .gov or .mil domains.
Enable MFA across all critical systems.
Implement email filtering & sandboxing.
Educate staff on phishing red flags.
Report incidents or suspicious indicators to: [email protected]
