An international hacking group known as ‘Kasablanka’ has started a malware campaign targeting Bangladeshi critical service websites.

Cyber Threat Research team of Bangladesh Computer Council’s e-Government Computer Incident Response Team (BGD e-GOV CIRT) on Wednesday sent out the warning of a cyber attack on a massive scale by the group.

A handout from the BGD e-GOV CIRT also warned that the specific type of malware is targeting users or consumers from different financial and government institutions in the country.
BGD e-GOV CIRT urged financial and government institutions at risk to ensure proper information and cybersecurity awareness training among all the employees, customers, and consumers and properly educate customers and consumers in using their applications such as Mobile Banking service, etc.

They also requested to report or inform BGD e-GOV CIRT regarding any incident of a breach at https://www.cirt.gov.bd/incident-reporting/.

The specific campaign utilised type of Remote Access Trojan (RAT). Some of the targeted services/institutions and their spoofed domains are Bangladesh Police (bdpolice.co), Islami Bank (isiamibankbd.com), Govt. Corona Portal (corona-bd.com), bKash (bkashagent.com and bkash.club), Brac Bank (bracbank.info) etc.

Remote Access Trojans (RAT) are a unique type of malware program that includes a back door for administrative control over the target computer. RATs are usually downloaded invisibly with a user-requested programme.