Mengenal Brain Cipher, Hacker yang Klaim Bertanggung Jawab atas Serangan ke PDN

Kompas.com

2 Jul 202403:14

Summary

TLDRA recent account on the Dark Web claiming to represent the hacker group 'Brain Cyper' announced they would provide a free decryption key for data held hostage in a ransomware attack on Indonesia’s national data center (PDNS). The ransomware attack, using a variant of Lock 3.0, occurred on June 20, 2024. Brain Cyper apologized to the Indonesian public and advised the government to strengthen cybersecurity measures. They also warned victims not to involve authorities during negotiations, threatening to leak the stolen data if terms were violated.

Takeaways

🔐 A group called Brain Cyper has claimed responsibility for a ransomware attack on Indonesia's national data center.
🗓️ Brain Cyper announced they will release the decryption keys for free on July 3, 2024, after previously stating June 20, 2024.
💻 The ransomware attack was executed using a variant named Lock 3.0, suggesting a more advanced form of cyber threat.
🌐 The announcement on the Dark Web was titled 'More Important Than Money: Only Honor', including a logo of Kenkomino.
🚨 Brain Cyper urged the Indonesian government to improve its cybersecurity systems in response to the attack.
🙏 They also apologized to the Indonesian people for the disruption caused.
💬 The group set specific rules for ransom payment, including the use of cryptocurrency Monero and no involvement of security agencies like the FBI or NSA.
🚫 If the conditions are violated, Brain Cyper threatens to halt negotiations and publish the victim's data on their website.
🔒 Brain Cyper's ransomware not only adds an extension to encrypted files but also encrypts the file names.
💼 The group infiltrates company networks, steals admin credentials, and spreads the ransomware to lock all data, using stolen data as leverage for ransom demands.

Q & A

What is the significance of the 'brand cyper' account on the Dark Web?
-The 'brand cyper' account on the Dark Web recently claimed to offer free decryption keys to unlock data from the national data center, following a ransomware attack.
When did the ransomware attack on the national data center (PDNS) occur?
-The ransomware attack on PDNS occurred on June 20, 2024.
What is Brain Cyper, and what role did they play in the attack?
-Brain Cyper is a hacker group suspected of being responsible for the ransomware attack on the national data center (PDNS).
What is the title of the announcement posted by Brain Cyper on the Dark Web?
-The announcement is titled 'More Important Than Money, Only Honor.'
What is Brain Cyper's message to the Indonesian government?
-Brain Cyper advised the Indonesian government to improve its cybersecurity systems in response to the ransomware attack.
Did Brain Cyper apologize to the public? If so, why?
-Yes, Brain Cyper apologized to the Indonesian public for the disruption caused by their ransomware attack.
What conditions did Brain Cyper impose for the ransom payment?
-Brain Cyper stated that ransom payments must be made via blockchain using the cryptocurrency Monero, and victims must not involve law enforcement agencies like the FBI, CSI, or NSA.
What could happen if Brain Cyper's ransom conditions are violated?
-If the conditions are violated, Brain Cyper will cease negotiations and publish the victim's data on their website.
What type of ransomware did Brain Cyper use, and how is it unique?
-Brain Cyper used a modified version of Lockid 3.0 ransomware, which not only encrypts files but also encrypts file names.
How does Brain Cyper execute its ransomware attacks?
-Brain Cyper penetrates a company or institution's network, moves laterally to other devices, steals admin credentials, and deploys ransomware to encrypt data while stealing it to extort the victim.