Bank Indonesia Confirms Conti Ransomware Attack; Stolen Files Leaked
Bank Indonesia (BI), the central bank of the Republic of Indonesia, confirmed a ransomware attack hit its networks last month.
During the attack, on a central bank office on the island of Sumatra, the perpetrators allegedly stole “non-critical” employee data and deployed ransomware payloads on several devices on its network, according to CNN Indonesia.
As Reuters reports, a BI representative claimed the attack was mitigated before affecting the bank’s public services. Furthermore, a spokesman for Indonesia’s National Cyber and Crypto Agency (BSSN) said the attackers didn’t manage to extract any critical data.
"We were attacked, but so far so good as we took anticipatory measures and most importantly public services at Bank Indonesia were not disrupted at all," said Erwin Haryono, head of BI’s communications department.
The bank’s representatives didn’t attribute the attack to any ransomware gang. However, the Conti ransomware group claimed the attack and added the Bank Indonesia to their list of victims on a Tor leaks site, stating it stole approximately 14 GB (13.88 GB) worth of files.
Conti is a Ransomware-as-a-Service that surfaced in the threat landscape at the end of 2019 and spread mainly through TrickBot infections. Experts believe the operation is linked to Wizard Spider, a notorious Russia-based cybercrime group known for other malware strains, such as BazarLoader and Ryuk.
The gang seems to focus on high-profile corporate networks, which they compromise by targeting critical devices with BazarLoader or TrickBot malware to gain unauthorized remote access. After breaching the network, threat actors try to spread by infecting other connected devices.
By covering as much ground as possible, attackers can harvest and leak data to their C2 (Command and Control Infrastructure) before deploying ransomware payloads on the network.
The ransomware group is believed responsible for more than 500 organizations worldwide. In the past, the FBI, NSA, CISA and other authorities have issued warnings to address the increase in ransomware attacks by the Conti gang.
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight
April 15, 2022
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users
April 14, 2022
Why and how to hide your IP address while traveling
April 13, 2022
How Bitdefender Can Help Restore Your Privacy in the Digital Age
April 04, 2022
How Strong is VPN Encryption?
February 28, 2022
Top Three Ways Internet Users Unknowingly Help Cybercriminals
February 25, 2022