SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

Summary

The threat actor group SloppyLemming has been identified in a series of attacks against government entities and critical infrastructure in Pakistan and Bangladesh. The attacks, which occurred between January 2025 and January 2026, use two different methods to deploy malware, including BurrowShell and a Rust-based payload.

IFF Assessment

FOE

The article describes a sophisticated threat actor targeting government infrastructure with custom malware, indicating a concerning development for defenders.

Defender Context

Defenders should be aware of the SloppyLemming threat actor and its evolving tactics, techniques, and procedures (TTPs). Monitoring for the specific malware families mentioned, BurrowShell and the Rust-based variant, is crucial, especially for organizations in Pakistan and Bangladesh. The campaign highlights the need for robust endpoint detection and response (EDR) and network traffic analysis to identify and mitigate these dual malware chain attacks.
