Detection of Fog Ransomware Footprint in Cyber Space of Bangladesh

by CIRT Team

The Bangladesh e-Government Computer Incident Response Team (BGD e-GOV CIRT) has identified multiple IP addresses linked to the Fog Ransomware group (aka Lost in Fog) within Bangladesh. These addresses appear to originate from Russia, suggesting that the attackers might be operating from or routing their activities through that region. However, the exact location of the attackers remains uncertain due to their use of advanced masking techniques, such as proxy servers or VPNs, which obscure their true geographic location and complicate tracing efforts. Based on previous incidents involving the Fog Ransomware group, the attack may have been initiated after the attackers gained access through compromised VPN credentials. Once inside the networks, they could target both Windows and Linux systems, indicating a broad and potentially coordinated attack affecting a wide range of IT environments within Bangladesh.

Read the full Document Here

CIRT Team

Recommended Posts

Emerging Threat_Stealer Malware (Lumma C2) Campaign with fake CAPTCHA pages

08 Oct 2024 - Security Advisories & Alerts

Ransomware Attack to Service Providers of Financial Institutions

01 Aug 2024 - Security Advisories & Alerts

Advisory on Web Application and Database Security

25 Jul 2024 - Security Advisories & Alerts