Over 200 Bangladesh Organizations Hit by Hafnium Hacker Group

Over 200 Bangladesh Organizations Hit by Hafnium Hacker Group

According to a Cyber Threat Report released by the Bangladesh Government’s e-Government Computer Incident Response Team (BGD e-GOV CIRT) on April 1st, hacker group Hafnium has launched attacks on more than 200 organizations in Bangladesh.


Bangladesh Telecommunication Regulatory Commission (BTRC), Bangladesh Bank, commercial banks, and Internet service providers were among the targets.


The report claims the hacker group initiated the attacks last month.



In order to observe the current threat landscape, by following the latest exploitation of Microsoft Exchange Server Vulnerabilities, Cyber Threat Research Unit of BGD e-GOV CIRT recently found some IP Addresses associated to different Bangladeshi Organizations, some of these are already exploited and also some others are vulnerable to these threats.



Source


In an interview for Dhaka Tribune, Bangladesh Computer Council Director Tarique M. Barkatullah said that “The malware is inserted through Microsoft Exchange Server. Although no money has been stolen yet, information has been leaked which creates a fear of huge financial loss or stealing of money in the future.”


Nevertheless, Barkatullah added that companies can recover from this attack by using the Hafnium exploit file.


Who Is Hafnium?


Hafnium is a cyberespionage group operating out of China, based on observed victimology, tactics, and procedures.


Identified by the Microsoft Threat Intelligence Center (MSTIC), Hafnium is attacking infectious disease researchers, law firms, universities, defense contractors, policy think tanks, and NGOs in the US aiming to withdraw sensitive information.  Cyberse ..