Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
Summary: Cybersecurity researchers have uncovered a campaign targeting PHP-based web servers to promote gambling sites in Indonesia, utilizing Python-based bots for exploitation. The attacks leverage GSocket to establish communication channels and redirect users searching for gambling services to malicious domains. This coordinated effort has been linked to a broader malware campaign affecting thousands of sites globally.…

In recent months, Indonesia has found itself at the center of two significant global cyber threats, highlighting the growing sophistication and reach of state-sponsored and financially motivated hacking groups. These incidents underscore the importance of cybersecurity vigilance in the face of increasingly complex attacks.

FBI Disrupts PlugX Malware Campaign Affecting Indonesia

The U.S.…

Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99
Summary: The Lazarus Group, linked to North Korea, has launched a new cyber attack campaign known as Operation 99, targeting software developers in the Web3 and cryptocurrency sectors. The campaign employs fake recruiters on platforms like LinkedIn to lure victims into cloning malicious GitLab repositories, ultimately embedding malware in their environments.…
Summary: A new report from Arctic Wolf Labs reveals a campaign targeting Fortinet FortiGate firewalls, where threat actors exploited vulnerabilities to manipulate configurations and gain unauthorized access. The campaign, observed between November and December 2024, involved multiple phases of exploitation affecting various organizations.
Threat Actor: Unknown
Victim: Organizations using Fortinet FortiGate firewalls

Key Point:

Threat actors exploited management interface vulnerabilities to alter configurations and extract credentials.…

Victim: PT PINS Indonesia
Country: ID
Actor: dragonforce
Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=7af0bed0-5070-489b-a00f-69bd3b67d15a
Discovered: 2025-01-13 21:22:18.449069
Published: 2025-01-13 21:21:13.429752
Description: PT PINS Indonesia is a subsidiary of Telkom Indonesia operating in the IoT sector. To support its business activities, the company has eight area offices, namely in Medan, Jakarta, Bandung, Semarang, Surabaya, Denpasar, Makassar, and Balikpapan.…
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
Summary: A cybersecurity operation by watchTowr Labs has successfully hijacked over 4,000 unique web backdoors by taking control of abandoned domains, allowing them to track compromised systems and potentially commandeer them. This initiative highlights vulnerabilities in the infrastructure used by various threat actors, revealing significant oversight in their operations.…
RedDelta: Chinese State-Sponsored Group Targets Mongolia, Taiwan, and Southeast Asia with Evolving Cyber Threats
Insikt Group has reported that the Chinese state-sponsored group RedDelta has been actively targeting various Southeast Asian countries, including Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia, from July 2023 to December 2024. The group utilized spearphishing tactics with customized documents to distribute its PlugX backdoor. Notable targets included government entities and NGOs, with a focus on geopolitical interests in the region.…

### #RIBridgesBreach #BrainCipherGang #DataLeakAlert

Summary: The Brain Cipher ransomware group has begun leaking sensitive documents stolen from Rhode Island’s RIBridges social services platform, affecting approximately 650,000 individuals. This breach exposes personal information, including names, addresses, and Social Security numbers, raising significant concerns for the impacted residents.…
