Welcome to the new edition of our report. As we bid farewell to the year 2023, let’s …
Tag: INDONESIA
Victim: Samuel Sekuritas Indonesia & Samuel Aset Manajemen Country : ID Actor: trigona Source: http://krsbhaxbki6jr4zvwblvkaqzjkircj7cxf46qt3na5o5sj2hpikbupqd.onion/leak/1905433c Discovered: 2024-01-18 23:24:57.296563
Description: PT Samuel Sekuritas Indonesia (SSI) is a prominent financial advisory company …
Victim: www.kai.id “FF” Country : ID Actor: stormous Source: http://pdcizqzjitsgfcgqeyhuee5u6uki6zy5slzioinlhx6xjnsw25irdgqd.onion/DataPage/18397815624.html Discovered: 2024-01-14 14:44:39.685650
Description: “PT Kereta Api Indonesia” is the national railway company in Indonesia, also known as “Kereta Api.” …
Since the beginning of 2023, ESET researchers have observed an alarming growth of deceptive Android loan apps, which present themselves as legitimate personal loan services, promising quick and easy access …
Dark Pink employs a variety of tools and custom-built malicious software designed for data theft and espionage. Their specialized toolkit comprises:
Cucky: A straightforward…
Resecurity has identified an alarming rise in ransomware operators targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ransomware attackers have targeted energy installations …
Victim: Pelindo Country : ID Actor: bianlian Source: http://bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion//companies/pelindo.co.id/ Discovered: 2023-10-11 19:01:21.814229
Description: PT Pelabuhan Indonesia (Persero), trading as Pelindo, is an Indonesian state-owned port operation company that offers an integrated …
The fake USPS phishing page.
Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Postal Service (USPS) customers. Here’s a look at an extensive …
The realm of cybersecurity is becoming more and more chaotic with each passing day, and there will always be a new actor entering the world of cybersecurity. The Dark Pink …
Victim: Smartfren Telecom Country : ID Actor: bianlian Source: http://bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion//companies/smartfren.com/ Discovered: 2023-09-21 14:34:16.611187
Description: PT Smartfren Telecom Tbk, together with its subsidiaries, provides telecommunication services in Indonesia. The company develops, …
Victim: PT. Cahaya Benteng Mas Country : ID Actor: 8base Source: http://basemmnnqwxevlymli5bs36o5ynti55xojzvn246spahniugwkff2pad.onion/company/7890233 Discovered: 2023-08-29 13:04:13.586573
Description: PT Cahaya Benteng Mas was originally an individual business pioneered by Mr. Indra Iswaratioso …
In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down …
Resecurity has identified a large-scale smishing campaign targeting US citizens. Previous incidents have impacted victims from the U.K., Poland, Sweden, Italy, Indonesia, Japan, and other countries. The threat group behind …
Victim: first-resources-ltd Country : ID Actor: cloak Source: Discovered: 2023-08-24 07:41:58.338920
Description: country: Indonesia …
Victim: United Tractors Country : ID Actor: rhysida Source: Discovered: 2023-08-03 09:07:07.923156
Description: United Tractors is a heavy equipment distribution company headquartered in Jakarta, Indonesia. …
Trend Micro’s Mobile Application Reputation Service (MARS) team discovered two new related Android malware families involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users.
Victim: Badan Operasi Bersama Pt Bumi Siak Pusako Pertamina Hulu Country : ID Actor: alphv Source: http://alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion/1fa51d74-025d-4fc2-ae5b-68095810d2da Discovered: 2023-07-26 14:20:54.517872
Description: Data: http://i4utqt3qnrm2hxhvitunmj4b7777svzbzrc4ewig6j4g6g5zzqahz2qd.onion Badan Operasi Bersama Pt Bumi Siak Pusako …
Victim: FajarPaper was hacked The most dangerous company to cooperate with in Indonesia may pose a Country : ID Actor: alphv Source: http://alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion/5f390f17-b271-47b0-a13a-5bdb52e2a6f4 Discovered: 2023-07-26 14:33:02.869610
Description: Who is FajarPaper …
Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded …
Since early January 2023, there has been a notable surge in activity targeting European foreign affairs entities linked to Southeast and East Asia. The threat actors responsible are …
SharpPanda, an APT group originating from China, has seen a rise in its cyber-attack operations starting from at least 2018. The APT …
Victim: Fort Rolins Collection Agency Country : ID Actor: malas Source: http://malas2urovbyyavjzaezkt5ohljvyd5lt7vv7mnsgbf2y4bwlh72doqd.onion/posts/fortrolins/ Discovered: 2023-05-18 11:29:55.649054
Description: They act like they don’t see🙈 our ransom note🗒, or they just don’t …
Victim: bankbsi.co.id Country : ID Actor: lockbit3 Source: http://lockbitapt72iw55njgnqpymggskg5yp75ry7rirtdg4m7i42artsbqd.onion/post/mYOkRWStPzbZwVLG645eab1a1f6e0 Discovered: 2023-05-12 21:55:26.067273
Description: On May 8, we attacked Bank Syariah Indonesia, completely stopping all of its services. The management of …
After months of dormancy, Earth Longzhi, a subgroup of advanced persistent threat (APT) group APT41, has reemerged using new techniques in its infection routine. This blog entry forewarns readers of …
In 2021, Check Point Research published a report on a previously undisclosed toolset used by Sharp Panda, a long-running Chinese cyber-espionage operation targeting Southeast Asian government entities. Since then, we have …
Victim: PetroChina Indonesia Country : ID Actor: medusa Source: http://medusaxko7jxtrojdkxo66j7ck4q5tgktf7uqsqyfry4ebnxlcbkccyd.onion/detail?id=247b85feeedd6262fc234fb8de6ac8c7 Discovered: 2023-02-15 05:26:55.494214
Description: PetroChina Indonesia is a company that operates in the Oil & Energy industry. It employs 251-500 …
Victim: Global Mining Products Country : ID Actor: avoslocker Source: Discovered: 2023-02-11 15:54:59.174946
Description: Global Mining’s Product Catalog is available for download. MINExpo 2012 Please Visit Global Mining Products Inc …
For each of these domains, the sample tries to connect to many of its subdomains. Most subdomains will start with the letter x, w, or m, followed by a number. …
Victim: bplawyers.co.id Country : ID Actor: lockbit3 Source: Discovered: 2023-02-05 11:17:51.476434
Description: BP Lawyers Corporate Law Firms is an Indonesian legal consultancy, the best service for drafting business employment contracts in Jakarta, experienced …
Major drug markets in the Dark Web are now worth around $315 million annually
The Resecurity® Hunter unit performed an extensive analysis of current trends and dynamics related to the …
This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda’s Rust variant has targeted vital industries like its Go counterpart. In this blog, we …
Victim: Astra Daihatsu Motor (ID) Country : ID Actor: daixin Source: Discovered: 2022-11-24 02:12:34.937211
Description: PT Astra Daihatsu Motor is an automobile manufacturing company based in Jakarta, Indonesia. It is …
We looked into the campaigns deployed by a new subgroup of advanced persistent threat (APT) group APT41, Earth Longzhi. This entry breaks down the technical details of the campaigns in …
Online banking is convenient as it allows users to make money transfers, bill payments, verify their balance, and access accounts 24/7 at …
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware.
Summary: QAKBOT’s …
A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and Africa. This ransomware is called Agenda and is customized per …
We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension.
Update (8/12/2022 2:05AM EST): We …
Victim: Ministry of Agriculture Republic Indonesia Country : ID Actor: vicesociety Source: Discovered: 2022-06-27 21:44:54.942418
Description: Indonesia’s rich natural resources are influenced by its tropical climate and geographical location between …
Following on from our earlier Owowa discovery, we continued to hunt for more backdoors potentially set up as malicious modules within IIS, a popular web server developed by Microsoft. And …
ToddyCat is a relatively new APT actor that we have not been able to relate to other known actors, responsible for multiple sets of attacks detected since December 2020 against …
Users who download cracked software risk sensitive personal data being stolen by hackers.
Are you interested in downloading free, cracked software? If so, you should know what you’re getting into. …
Emotet was first found in the wild in 2014. Back then its main functionality was stealing user banking credentials. Since then it has survived numerous transformations, started delivering other malware …
Since its reemergence on Nov. 14, 2021, Black Lotus Labs has once …
BlueNoroff is the name of an APT group coined by Kaspersky researchers while investigating the notorious attack on Bangladesh’s Central Bank back in 2016. A mysterious group with links to …