Bank Indonesia Confirms Conti Ransomware Attack; Stolen Files Leaked

Vlad CONSTANTINESCU

January 21, 2022

Bank Indonesia (BI), the central bank of the Republic of Indonesia, confirmed a ransomware attack hit its networks last month.

During the attack on a central bank office on the island of Sumatra, the perpetrators allegedly stole “non-critical” employee data and deployed ransomware payloads on several devices on its network, according to CNN Indonesia.

As Reuters reports, a BI representative claimed the attack was mitigated before affecting the bank’s public services. Furthermore, a spokesman for Indonesia’s National Cyber and Crypto Agency (BSSN) said the attackers didn’t manage to extract any critical data.

"We were attacked, but so far so good as we took anticipatory measures and most importantly public services at Bank Indonesia were not disrupted at all," said Erwin Haryono, head of BI’s communications department.

The bank’s representatives didn’t attribute the attack to any ransomware gang. However, the Conti ransomware group claimed the attack and added Bank Indonesia to its list of victims on a Tor leak site, stating it stole approximately 14 GB (13.88 GB) worth of files.

Conti is a Ransomware-as-a-Service (RaaS) operation that surfaced in the threat landscape at the end of 2019 and spread mainly through TrickBot infections. Experts believe the operation is linked to Wizard Spider, a notorious Russia-based cybercrime group known for other malware strains, such as BazarLoader and Ryuk.

The gang seems to focus on high-profile corporate networks, which they compromise by targeting critical devices with BazarLoader or TrickBot malware to gain unauthorized remote access. After breaching the network, threat actors try to spread by infecting other connected devices.

By covering as much ground as possible, attackers can harvest data and exfiltrate it to their command and control (C2) infrastructure before deploying ransomware payloads on the network.

The ransomware group is believed responsible for attacks on more than 500 organizations worldwide. In the past, the FBI, NSA, CISA and other authorities have issued warnings to address the increase in ransomware attacks by the Conti gang.
