Sunday , July 12 2026

CIRT ALERT
New AsyncRAT malware campaign detected in Bangladesh cyber space

BGD e-GOV CIRT found a cyber-attack campaign using AsyncRAT (Asynchronous Remote Access Trojan) aimed at Bangladesh. Threat analysis shows that the website ck44jili[.]com is a main Control Center (C2) for the AsyncRAT malware.

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the campaign has been observed globally,...
Read More
CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

Thousands of MCP Servers Exposed to File Access and Injection Attacks

Thousands of Model Context Protocol (MCP) servers have serious security flaws like file access issues, command injection, server-side request forgery...
Read More
Thousands of MCP Servers Exposed to File Access and Injection Attacks

CERT/CC Alerts to Hidden Admin Backdoor in Tenda Router Firmware

Several Tenda firmware versions have a hidden backdoor that lets people gain admin access to the device's web interface. An...
Read More
CERT/CC Alerts to Hidden Admin Backdoor in Tenda Router Firmware

Daily Cyber security update for 6. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 6. 07. 2026

The campaign mixes malware, remote access, and fake financial tricks. Attackers hide harmful files as real software and run fake online gambling sites aimed at users in Bangladesh.

Of particular concern, the malicious infrastructure appears designed to socially engineer Bangladesh-based victims through localized payment mechanisms including bKash, Nagad, and Rocket, increasing the likelihood of successful financial fraud and malware infection.

The analysis shows that the malware pretends to be a WinRAR program (winrar-x64.exe) but actually works as AsyncRAT v0.5.8, allowing complete remote control of infected computers.

Threat actors appear to leverage Bangladesh-specific payment channels, increasing victim trust and improving fraud success rates. The campaign targets banking & fintech, telecom, e-commerce, government users and enterprise employees.

Attack Chain: 

CIRT identified the following IP Addresses related to the campaign 172.67.211.32, 23.195.81.33, 23.195.81.41, 23.195.81.9, 52.111.243.31 and 2600:4700:3031::ac43:d320.

CIRT advises that organizations must act quickly against AsyncRAT infections. They should block harmful domains and suspicious ports, isolate infected systems, and keep evidence for investigation. Security measures should include scanning devices for AsyncRAT signs, removing harmful scheduled tasks, resetting hacked passwords, and checking startup entries for any unauthorized action. Also, network defenses should improve by limiting outgoing traffic to unknown ports, using DNS filtering, checking proxy and network logs for strange activity, and blocking known harmful servers.

Related News:

Bangladeshi “RapidLogX” Helps Unmask Real Scammers with 20+ Data Points
‘NB’ app scam in Bangladesh; Thousands lost; 30 complaints to police
BGD e-GOV CIRT offically colaborated with “Have I Been Pwned”

Check Also

Apple

New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide

Researchers at cybersecurity firm Paradigm Shift found a new flaw called usbliter8. This flaw can …