At least one undisclosed organization in Bangladesh
January 1, 2025
•[ cyber-espionage, typosquatting, Havoc C2 ]
Industrial Cyber summarized Arctic Wolf Labs findings that SloppyLemming conducted an extensive cyber-espionage campaign from January 2025 through January 2026 targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The report notes recurring tradecraft such as typosquatted government-themed infrastructure, Cloudflare Workers use, Havoc C2, and DLL sideloading, and names several targeted entities across defense, telecom, energy, and nuclear regulation. This is campaign-level reporting with multiple targets rather than a single incident record.
