Summary: A new report by Arctic Wolf Labs reveals the emergence of the Indonesian hacktivist group INDOHAXSEC, which has been conducting various cyberattacks, including DDoS and ransomware attacks, largely motivated by political ideologies. The group, which is known for targeting entities perceived to support Israel, has also formed an alliance with the pro-Russian group NoName057(16). INDOHAXSEC utilizes a variety of custom tools and has drawn from other hacktivist group members, employing social media to propagate their activities and ideologies.
Affected: Various governmental and organizational bodies in Southeast Asia
Keypoints :
- INDOHAXSEC was established in early October 2024 and is involved in politically motivated cyber activities.
- The group maintains a GitHub repository with tools for DDoS attacks and ransomware deployments.
- They primarily target organizations supporting Israel, aligning their activities with pro-Palestinian sentiments.
- INDOHAXSEC has claimed to develop a successor to the WannaCry ransomware, though this claim remains unverified.
- The group uses Telegram and social media platforms to communicate, coordinate attacks, and disseminate propaganda.