nightsky attacks AKIJ GROUP

Incident Date:

January 4, 2022

World map



nightsky attacks AKIJ GROUP






Tej Gaon, Bangladesh

Dhaka, Bangladesh

First Reported

January 4, 2022

AKIJ Group Suffers Ransomware Attack by Night Sky

The Bangladeshi conglomerate AKIJ Group has been targeted by the ransomware group Night Sky, as reported on their dark web leak site. The company, which operates in the manufacturing sector, has a long-standing history in Bangladesh, with its roots dating back over half a century. AKIJ Group is known for its diverse activities and products, including Akij Agro, iBos Limited, Akij Biax, Akij Cement, Akij Central Workshop, and Akij Group.

The ransomware attack on AKIJ Group is part of a broader trend of cyber threats targeting various sectors, including finance, government, real estate, manufacturing, and health care. Night Sky, which operates a Ransomware-as-a-Service (RaaS) model, has been active since March 2023 and has been linked to significant disruptions, such as an attack on Finnish IT services provider Tietoevry in January.

The extent of the damage to AKIJ Group's systems has not been disclosed, but the attack on their file server resulted in the leak of sensitive data, including emails of all company directors and business system database data. The group's vulnerabilities may include insufficient cybersecurity measures, as the report suggests that many organizations in Bangladesh have inadequate cyber threat assessment and detection systems.

AKIJ Group's size and standing in the industry make them a significant target for cybercriminals. As one of the biggest conglomerates in Bangladesh, they employ a large number of people and are involved in various sectors, making them a potential source of valuable data. The group's non-profit concerns also contribute to the country's development and social welfare, further highlighting their importance in the Bangladeshi economy.

In response to the attack, it is crucial for AKIJ Group to prioritize their cybersecurity and implement robust measures to protect their systems and data from future threats. This includes regular updates and patches, employee training, and the use of multi-factor authentication for VPNs.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.