The Reveal Platform
Intel Name: Sikkahbot malware campaign lures and defrauds students in bangladesh
Date of Scan: September 2, 2025
Impact: High
Summary: Our team discovered an Android malware, “SikkahBot,” active since July 2024, targeting students in Bangladesh. Disguised as apps from the Bangladesh Education Board, it lures users with fake scholarships to steal sensitive data. It abuses permissions like SMS access and Accessibility Service to hijack banking credentials in banking apps (bKash, Nagad, DBBL) and automate USSD transactions. Spread via smishing and fake APK links, SikkahBot harvests personal, financial, and mobile wallet details.
