APT / THREAT GROUP
SloppyLemming
1
aliases
Last seen:Mar 17, 2026
Intelligence Profile
SloppyLemming is an advanced actor that uses multiple cloud service providers to facilitate different aspects of their activities, such as credential harvesting, malware delivery and command and control (C2). This actor conducts extensive operations targeting Pakistani, Sri Lanka, Bangladesh, and China. Industries targeted include government, law enforcement, energy, telecommunications, and technology entitie
Threat Analysis
SloppyLemming is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning SloppyLemming
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
The Hacker News· Mar 3, 2026
External References
Quick Facts
TypeAPT / Threat Group
Aliases1
SourceMalpedia
Also Known As
SloppyLemming
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.