This extensive cyber operation, active for over 14 years, primarily targets Indonesian citizens through illegal gambling platforms, malware distribution, and website hijacking. Researchers suggest it also serves as a command and control hub, employing sophisticated techniques to evade detection. #Malanta #IndonesianCyberThreats
Keypoints
- The operation controls over 328,000 domains, including hacked websites and hijacked subdomains.
- It has evolved from facilitating gambling to include SEO manipulation, data theft, and malware distribution.
- Attackers hijack legitimate domains and subdomains to host malicious content and bypass security measures.
- The operation uses HTTPS proxies and shared cookies to disguise malicious traffic as legitimate activity.
- The threat group appears to be Indonesian or have localized operatives, with no direct evidence of government backing.
Read More: https://www.helpnetsecurity.com/2025/12/03/indonesian-online-gambling-network/