The cyber crime group that locked up an Indonesian national data center last month, impacting hundreds of government services, has opted to provide the ransomware decryptor for free. This was accompanied by an apology, but also a donation link exhorting the Indonesian government and public to show gratitude for their supposed generosity.
“Brain Cipher” is a relatively new group that uses their own version of the LockBit 3.0 ransomware build, created from a version that was leaked by a former LockBit developer in 2023. The group had been trying to extort a payment of $8 million from the country before its sudden outburst of charity.
Read more…
Source: CPO Magazine
Related:
- A closer look at the Tria stealer campaign
January 30, 2025
Since mid-2024, Kaspersky researchers observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which they have named “Tria Stealer” after unique strings found in campaign samples. The primary targets of the campaign are users in Malaysia and Brunei, with Malaysia being the most affected ...
- Dangerous new botnet targets webcams, routers across the world
January 22, 2025
Cybersecurity researchers from the Qualys Threat Research Unit have observed a new large-scale operation exploiting vulnerabilities in IP cameras and routers to build out a botnet. In a technical analysis, Qualys said the attackers were mostly exploiting CVE-2017-17215 and CVE-2024-7029, seeking to compromise AVTECH IP cameras, and Huawei HG532 routers. The botnet is essentially Mirai, although ...
- Indonesia’s tax agency probes alleged personal data breach
September 19, 2024
Indonesia’s tax agency is investigating an alleged data breach that exposes the taxpayer identification numbers of millions of Indonesians, including President Joko “Jokowi” Widodo, his ministers and his two sons, an official said. A series of cyber-attacks have hit Indonesian companies and government agencies in the past few years, which experts attribute to the government’s lax ...
- Asia’s SMS stealers: 1,000 bots and one study
July 11, 2024
Attackers have increasingly started using Telegram as a control server (C2). One example is the Lazy Koala group, which Positive Technologies researchers recently discovered and set out to study. While researching bots on Telegram, Positive Technologies team found that many are from Indonesia. The researchers were struck by the huge numbers of messages and victims, and ...
- Cyber Crime Group Provides Ransomware Decryptor to Indonesian National Data Center
July 9, 2024
The cyber crime group that locked up an Indonesian national data center last month, impacting hundreds of government services, has opted to provide the ransomware decryptor for free. This was accompanied by an apology, but also a donation link exhorting the Indonesian government and public to show gratitude for their supposed generosity. “Brain Cipher” is a ...
- Airports, Student Aid Services Struck by Indonesian Cyber Attack
June 28, 2024
Indonesia’s parliament called the government to task over another cyber attack that led to airport and scholarship services being put out of service. The ransomware attack that affected hundreds of ministries and public institutions was “catastrophic,” said lawmaker Tubagus Hasanuddin in a Thursday evening hearing with the communications minister and the head of state cybersecurity agency. ...