InfoSecBulletin Cybersecurity for mankind
More than 55 different types of malware were found last week, and over 160 malware types are spreading in Bangladesh. Some notable malware groups are Android.BadBox2, Android.Vo1d, Avalanche-Andromeda, and Mirai. This shows that both mobile devices and IoT systems are still being targeted.
The malware strains targeted Bangladesh’s cyber landscape are:
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Critical Cisco ISE Vulnerability Enables Remote Code Execution
F5 Patches NGINX Flaw for Code Execution and DoS Attacks
FortiBleed: 70,000 Fortinet Firewalls Compromised Globally
nymaim, avalanche-tiny-banker, ranbyus, avalanche-urlzone, modpack, aisuru, matsnu, avalanche-matsnu, ngioweb, locky, boaxxe, smokeloader, avalanche-nymaim, qsnatch, avalanche-goznym, avalanche-unknown, avalanche-panda-banker, sunburst, adload, 911-socks5-proxy, avalanche-ranbyus, dltminer, infy, tinynuke, cryptolocker, gozi, avalanche-rovnix, vextrio-help-tds, bondat, proslikefan, skunkx, nymaim2, calypso, avalanche-xswkit, tsifiri, cryptodns-resolver, cobaltstrike, shadowpad, kovter, wd, tinba, avalanche-vmzeus, padcrypt, avalanche-corebot, tick, sharkbot, alien, sality2, zeus, emotet, yash rat, raton, rovnix, giftedvisitor, str-rat, enfal-apt, ebury, avalanche-trusteer-app, urlzone, bumblebee, downadup, red october, pseudomanuscript.
IoT & Network Exposure:
Not only the malware family but a lot of IoT and Network devices are now publicly exposed putting the network at risk. More than 17,000+ routers and IoT devices, along with 3,500+ network-connected printers are vulnerable to attack.
Apart form four CVEs are now actively exploring in Bangladesh including CVE-2026-41940 (WebPros/cPanel), CVE-2021-42013 (Apache HTTP Server), CVE-2017-9841 (PHPUnit Remote Code Execution (RCE), CVE-2023-20198 (Cisco IOS XE Web UI) to gain initial access as reported by CIRT.
Recently a cyber-attack campaign using AsyncRAT (Asynchronous Remote Access Trojan) aimed at Bangladesh is found. Threat analysis shows that the website ck44jili[.]com is a main Control Center (C2) for the AsyncRAT malware.
The campaign mixes malware, remote access, and fake financial tricks. Attackers hide harmful files as real software and run fake online gambling sites aimed at users in Bangladesh.
Of particular concern, the malicious infrastructure appears designed to socially engineer Bangladesh-based victims through localized payment mechanisms including bKash, Nagad, and Rocket, increasing the likelihood of successful financial fraud and malware infection.
The rise of malware types aimed at Windows, Android, IoT, and networks shows that attackers are using weak setups, old systems, open devices, and people’s actions to get in and stay connected.
Organizations in Bangladesh need to quickly improve their cyber defense. They should regularly update their systems, turn off unnecessary internet access for routers and IoT devices, use multi-factor authentication (MFA), watch network traffic for strange outbound connections, and set up advanced endpoint detection and response (EDR/XDR) tools. Security teams should also monitor signs of AsyncRAT activity and block harmful websites, IPs, and suspicious file downloads from fake gambling or financial sites.
As cyber threats to Bangladesh become more complex and larger, sharing threat information early, working together during incidents, and having better teamwork among government, private companies, internet providers, and cybersecurity groups will be crucial to improving the country’s cyber safety.
