Find notable cyber news and cases, enriched with sources, timelines, and signals.

DoNot Team Bangladesh military and defence espionage campaign

Campaign
First reported
Last updated
Happening score
H score 38
1 unique sources, 1 articles

Summary

Hide ▲

A DoNot Team espionage campaign targeted Bangladesh's military and defence establishments, using spear-phishing RTF files to deliver a DLL implant and establish scheduled-task persistence. The operation relied on remote template injection, a VBA macro, and geofencing to deliver payloads only to intended victims. The implant disguised itself as OneDrive telemetry, profiled hosts, and beaconed to C2 over HTTPS, indicating a focused effort to maintain access and support intelligence collection.

Related Happenings

APT28 long-term espionage campaign targeting Ukrainian military personnel

Campaign
H score32 First: 10.03.2026 12:55 Last: 10.03.2026 12:55 Sources 1

About this happening: A sustained APT28 espionage campaign is using BEARDSHELL and COVENANT to surveil Ukrainian military personnel, extending access through cloud-based C2 and incr...

Evasive Panda DNS poisoning MgBot espionage campaign

Campaign
H score33 First: 26.12.2025 16:44 Last: 26.12.2025 16:44 Sources 1

About this happening: Evasive Panda ran a highly targeted cyber espionage campaign that used DNS poisoning to deliver MgBot to victims in Türkiye, China, and India. The operation wa...

Timeline

  1. 17.07.2026 11:46 2 articles · 3h ago

    DoNot Team targets Bangladesh's military and defence establishments with spear-phishing RTF files

    Initial Disclosure

    DoNot Team conducted a targeted cyber espionage operation against Bangladesh's military and defence establishments, using spear-phishing emails with a malware-laced RTF document to drop a DLL implant that established scheduled-task persistence, profiled the host, and beaconed to a C2 server over HTTPS.

    Show sources