
Bangladesh Targeted by New Asia-Pacific Hacker Group ‘Mysterious Elephant’

Published: 20 October 2025, 21:39

A newly identified hacker group called “Mysterious Elephant” has been actively conducting cyberattacks across the Asia-Pacific region, according to Kaspersky’s Global Research and Analysis Team (GReAT).

The group has focused mainly on government agencies and organisations involved in foreign affairs in countries including Bangladesh, Pakistan, Afghanistan, Nepal, Sri Lanka, and others in the region.

Their objective is to steal sensitive data such as official documents, images, and archived files. Kaspersky also revealed that the hackers have tried to access WhatsApp data from their victims.

In their 2025 operations, Mysterious Elephant has shifted tactics, combining custom-built malware tools with open-source software to carry out their targeted attacks.

They primarily use PowerShell scripts to execute commands, deploy malware, and maintain persistent control over infected systems by abusing legitimate software.

A key tool in their arsenal is “BabShell,” a reverse shell that allows direct access to compromised machines to extract confidential data.

The group also uses “MemLoader” and “HiddenDesk” modules to run malware covertly in system memory, evading detection by security software.

In addition, specialised modules have been deployed to steal WhatsApp files, including shared photos and documents.

“The attackers have built an infrastructure designed for stealth and resilience, utilising domains, IP addresses, wildcard DNS records, VPS servers, and cloud hosting services,” explained Noushin Shabab, lead security researcher at Kaspersky GReAT.

“Wildcard DNS records enable them to quickly generate unique subdomains for each operation, scaling their attacks while making tracking by defenders extremely difficult.”
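
The wildcard-DNS footprint described above can be hunted for in resolver logs: many never-before-seen subdomains of one apex that all resolve to a single address, with no NXDOMAIN under that apex. The following is an added defender-side example, not code from Kaspersky or the article; the log line format, the sample lines (RFC 2606 example domains) and the subdomain threshold are assumptions.

```python
# Flag apex domains whose many distinct subdomains all resolve to a single
# address with no NXDOMAIN under the apex: the footprint a wildcard DNS
# record leaves when a fresh subdomain is minted per operation.
import re
from collections import defaultdict

# Constructed sample resolver log (hypothetical format:
# "<ts> <client> <qname> <rcode> <answer>"), RFC 2606 example domains.
SAMPLE_LOG = """\
2025-10-20T09:01:02Z 10.0.0.5 a7f3k.updates-cdn.example NOERROR 198.51.100.7
2025-10-20T09:04:11Z 10.0.0.5 q2m9z.updates-cdn.example NOERROR 198.51.100.7
2025-10-20T09:10:45Z 10.0.0.9 x81pc.updates-cdn.example NOERROR 198.51.100.7
2025-10-20T09:15:00Z 10.0.0.9 v0rt3.updates-cdn.example NOERROR 198.51.100.7
2025-10-20T09:22:09Z 10.0.0.5 www.intranet.example NOERROR 203.0.113.10
2025-10-20T09:23:40Z 10.0.0.9 mail.intranet.example NOERROR 203.0.113.11
2025-10-20T09:25:15Z 10.0.0.9 nosuch.intranet.example NXDOMAIN -
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\S+)$")

def parse_dns_log(text):
    """Yield (qname, rcode, answer) per well-formed line; skip the rest."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.group(3).lower().rstrip("."), m.group(4), m.group(5)

def apex_of(qname):
    """Last two labels as the registrable domain (use the Public Suffix List in production)."""
    labels = qname.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else qname

def find_wildcard_candidates(text, min_subdomains=4):
    """Return {apex: (distinct_subdomain_count, [answer_ip])} for apexes with
    >= min_subdomains labels, one shared answer, and no NXDOMAIN (wildcards answer everything)."""
    subs, answers, nxdomain = defaultdict(set), defaultdict(set), set()
    for qname, rcode, answer in parse_dns_log(text):
        apex = apex_of(qname)
        if rcode == "NXDOMAIN":
            nxdomain.add(apex)
        elif qname != apex:
            subs[apex].add(qname[: -len(apex) - 1])  # the label(s) below the apex
            answers[apex].add(answer)
    return {
        apex: (len(labels), sorted(answers[apex]))
        for apex, labels in subs.items()
        if len(labels) >= min_subdomains
        and len(answers[apex]) == 1 and apex not in nxdomain
    }
```

On the constructed sample, only updates-cdn.example is flagged; the legitimate intranet.example zone is excluded both by its NXDOMAIN answer and by its distinct per-host addresses.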

Kaspersky emphasised the importance of understanding the group’s tactics, techniques, and procedures (TTPs), sharing threat intelligence, and implementing strong cybersecurity measures to mitigate risks.

Organisations are advised to maintain updated software, continuously monitor networks, and provide cybersecurity training to staff.

To enhance protection, Kaspersky recommends using its suite of services such as Kaspersky Next, Compromise Assessment, Managed Detection and Response, Incident Response, and Kaspersky Threat Intelligence.
