Financial institutions including Bangladesh Bank and couple of private banks and government organizations have been warned for cyber attack as computer incident response team (Cirt) identified a new phishing threat.
Phishing is social engineering attack often used to steal user data, including login credentials and credit card numbers.Hackers have already cloned the site of Bangladesh Bank using the address of bangladesh-bank.com, Bangladesh Police (bdpolice.co), Brac Bank (bracbank.info), Islami Bank (isiamibankbd.com) and mobile financial service provider Bkash (bkash.club), according to the report of BGD E-Gov Cirt, the project to research cyber security in the country.
Besides, attackers tried to allure the people interested for vaccination by using fake web portal (corona-bd.com/apply) cloning the vaccine program associated website (corona.gov.bd).
“A group of hackers targeted to the government and financial sector portal. We have directed all to use the services carefully. A2i is working for fix the issue. And the general people have to aware about the threat while using these services,” Tarique M Barkatullah, project director of BGD e-GOV CIRT, told the Daily Sun.
Officials requested all to avoid such kind of address for respective organizations to keep save the services.
Cirt officials mentioned that an international hacking group generated the phishing from actor known as 'Kasablanka' and advised the respective organization to be vigilant for fear of cyber attacks on several financial and government institutions.
They has advised Bangladesh Bank, Bangladesh Police, Health Ministry and other private agencies. After the incident some banks has closed their online transactions, ATM operations and bank-to-mobile money transfer activities temporarily.However, Bangladesh Bank Executive Director Md Serajul Islam said the central bank has noticed some attempts of data-mining from the website where data are kept for public access.
"The issue does not pose a big threat to the bank's main security. There is no reason for concerns about it. I believe that we are completely secure in areas where security must remain ensured," Serajul, spokesperson for the central bank, told the Daily Sun on Wednesday.
The central bank official claimed they didn’t do anything without staying alert as the site cloned from outside the country.
BGD e-GOV CIRT urged financial and government institutions at risk to ensure proper information and cyber security awareness training among all the employees, customers, and consumers and properly educate customers and consumers in using their applications such as Mobile Banking service, etc.
However, they also clarified that the group is acting to spread their botnets within Bangladesh to tweak for espionage rather than for breaching accounts for financial gains.
This specific campaign utilises a type of RAT (Remote Access Trojan) known as LodaRAT to infiltrate windows and android systems.
Earlier in November, the government had issued a warning against cyber attacks on Bangladeshi banks. Following the alert, many banks in the country limited their ATM services, including cash withdrawals.
On September 7, last year, the central bank issued its latest alert after suspecting that another North Korean hacker group – known as the BeagleBoyz – might be planning to carry out a cyber-attack on Bangladesh's banks.
At the end of last August, Bangladesh Bank had issued a warning about cyber attacks on Bangladeshi banks. Banks were instructed to be vigilant as a North Korean hacker group could carry out the attack.
Five years ago, cyber criminals hacked the Bangladesh Bank's Swift system and stole $81 million. Till today, Bangladesh has not managed to get back even half of the money.
Before this incident, North Korean hackers began sending emails riddled with malware disguised as job applications to Bangladesh Bank officials in 2014, in preparation for the cyber heist of 2016.