US EditionSloppyLemming Espionage Campaign Uses BurrowShell Backdoor and Rust RAT to Hit Pakistan and Bangladesh Targets
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.4 Articles
4 Articles
SloppyLemming Espionage Campaign Uses BurrowShell Backdoor and Rust RAT to Hit Pakistan and Bangladesh Targets
A suspected India-aligned threat group known as SloppyLemming has been conducting a sustained espionage campaign against government agencies, defense organizations, nuclear oversight bodies, and critical infrastructure operators in Pakistan and Bangladesh. Active since 2021 and also tracked as Outrider Tiger and Fishing Elephant, the group deployed two newly documented tools between January 2025 and January […] The post SloppyLemming Espionage C…
Arctic Wolf has revealed a cyberspionage campaign that can be ascribed with moderate security "SloppyLemming" (also known as Outrider Tiger and Fishing Elephant). The aim was to establish state institutions and critical infrastructure in Pakistan and Bangladesh in the period from January 2025 to January 2026. The campaign represents a further development of the activities documented by Cloudflare Cloudforce-One for the first time in September 20…
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity, per Arctic Wolf, took place between January 2025 and January 2026. It involves the use of two distinct attack chains to deliver malware families tracked as BurrowShell and a Rust-based
SloppyLemming Deploys BurrowShell and Rust-Based RAT to Target Pakistan and Bangladesh
Summary Between January 2025 and January 2026, Arctic Wolf tracked an extensive cyber espionage campaign that we assess was conducted by SloppyLemming (also known as Outrider Tiger and Fishing Elephant), an India-nexus threat actor, targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. To our knowledge, this report documents previously unreported tooling, infrastructure, … SloppyLemming Deploys BurrowShe…
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium
