• Sunday, May 29, 2022
  • Last Update : 04:24 pm

Govt issues alert on malware attack, fake websites

  • Published at 04:41 pm February 17th, 2021
CIRTalert
A snapshot of a fake website being used for a malware attack as shown in a threat report from the Computer Incident Response Team (e-GOV CIRT) Collected

The malware has been classified as a ‘serious threat’ and can result in ‘significant data breach or heavy financial loss’

The Bangladesh government has issued an alert over a possible malware attack through fake or phishing websites on the country’s cyber network.

The e-Government Computer Incident Response Team (e-GOV CIRT) issued the alert on Wednesday, said a report on its website.

According to the alert, CIRT observed and identified ongoing development of attack variants and dedicated malware campaign by the well-known threat actor “KASABLANKA” specifically targeted to Bangladeshi infrastructure. 

The report also said campaign attackers tried to allure the people interested for Covid-19 vaccination by using fake web portal (corona-bd.com/apply) such as the Bangladesh government’s official Covid-19 vaccine program associated website (corona.gov.bd) 

“The specific campaign utilized the involving a type of RAT (Remote Access Trojan) known as LodaRAT, specifically a variation of familiar AutoIT malware LODA (win.loda),” the report said.

The CIRT report also noted, “Primarily it seems, threat actor’s motives behind this campaign is merely to spread their botnets within Bangladesh and possibly to tweak for espionage rather than purely from breaching accounts for financial gains.” 

It also mentioned that the malware is a “serious threat” and can result in “significant data breach or heavy financial loss.”

In this ongoing malware campaign, the threat actor uses a particular variant of RAT named as LodaRAT. 

“This variant has the ability to access and record the microphone and web camera of the targeted device,” the report mentioned. 

Some antivirus products currently detect the malware Loda as “trojan.nymeria.” 

The report also asked all to be vigilant about cybersecurity and report suspicious issues to https://www.cirt.gov.bd/incident-reporting/

50
Facebook 50
blogger sharing button blogger
buffer sharing button buffer
diaspora sharing button diaspora
digg sharing button digg
douban sharing button douban
email sharing button email
evernote sharing button evernote
flipboard sharing button flipboard
pocket sharing button getpocket
github sharing button github
gmail sharing button gmail
googlebookmarks sharing button googlebookmarks
hackernews sharing button hackernews
instapaper sharing button instapaper
line sharing button line
linkedin sharing button linkedin
livejournal sharing button livejournal
mailru sharing button mailru
medium sharing button medium
meneame sharing button meneame
messenger sharing button messenger
odnoklassniki sharing button odnoklassniki
pinterest sharing button pinterest
print sharing button print
qzone sharing button qzone
reddit sharing button reddit
refind sharing button refind
renren sharing button renren
skype sharing button skype
snapchat sharing button snapchat
surfingbird sharing button surfingbird
telegram sharing button telegram
tumblr sharing button tumblr
twitter sharing button twitter
vk sharing button vk
wechat sharing button wechat
weibo sharing button weibo
whatsapp sharing button whatsapp
wordpress sharing button wordpress
xing sharing button xing
yahoomail sharing button yahoomail