Recent reports detail active exploitation of CVE-2026-33032 in nginx-ui enabling full Nginx server takeover, a coordinated FBI–Indonesian police takedown of the W3LL phishing platform, emergence of the Storm infostealer, Android banking trojans targeting Indon…
Category: Indonesia
Indonesia faces an increasingly complex cyber threat landscape in 2026, with scams, mobile malware, state-sponsored espionage, and ransomware targeting government, banking, telecom, and critical infrastructure. Threat actors are expanding operations across the…
Indonesia saw 3.27 million cyber threats detected against users in Q1 2025, with browser-based drive-by and social engineering as the dominant vectors. The 2025 landscape features double-extortion ransomware actors such as Babuk2, MedusaLocker, Sarcoma, Crypto…
Researchers at Cyble Labs have uncovered a new Android banking Trojan called RedHook that targets Vietnamese users through phishing websites impersonating trusted institutions. This sophisticated malware uses Chinese infrastructure and has the potential to target other Southeast Asian countries, including Indonesia. #RedHook #AndroidTrojan…
Fancy Bear, a Russian cyberespionage group, continues targeting Indonesia’s government, military, and strategic sectors using advanced tactics like spear phishing and malware deployment. Their campaigns aim to gather intelligence and influence geopolitics, emphasizing the need for improved cybersecurity measures in Indonesia. #FancyBear #CyberEspionage…
This comprehensive report details recent cyber threats targeting financial institutions worldwide, including malware, phishing, data breaches, and ransomware attacks, with specific case studies such as the leak of personal data of 44 million users from an Indo…
Cloudflare announced the largest recorded DDoS attack at 7.3 Tbps, which targeted a hosting provider and involved over 122,000 IP addresses globally, including Indonesia. The attack utilized multiple vectors such as UDP flood and reflection attacks, demonstrat…
Operation Secure, an INTERPOL-led initiative, has successfully disrupted over 20,000 malicious IPs and domains associated with infostealer malware across 26 countries, including Indonesia. This operation underscores the growing threat of data-stealing malware that can lead to larger cybercriminal activities. #InfostealerMalware #CybercrimeCoalition…
A critical vulnerability in the Wazuh Server (CVE-2025-24016) is being exploited by threat actors to deploy Mirai botnet variants for DDoS attacks, affecting Indonesia’s cybersecurity infrastructure. The increasing sophistication of these attacks underscores the urgent need for patching, stronger defenses, and coordinated response efforts. #CVE-2025-24016 #MiraiBotnet…
The Crocodilus Android banking trojan is rapidly evolving, targeting users in Asia, including Indonesia, by impersonating contacts and using malicious ads to steal financial data. It employs advanced evasion techniques and primarily spreads through Facebook ads, posing a significant threat to mobile banking security. #Crocodilus #AndroidTrojan…
This cybersecurity report details a sophisticated malware campaign involving PureHVNC RAT, which uses fake job offers from well-known brands to infect victims’ systems. The campaign employs multi-layered obfuscation techniques and advanced persistence methods to evade detection and maintain control of infected devices. #PureHVNC #AutoIt #ProcessHollowing #IndonesiaBrands…
China’s Earth Lamia hacking group targets Asian institutions by exploiting server vulnerabilities and deploying sophisticated malware for cyber espionage. The group’s focus includes government, universities, and IT sectors, with an increasing emphasis on government and educational institutions. #EarthLamia #CyberEspionage…
Indonesia’s Ministry of Communications and Informatics (Kominfo), now Komdigi, failed to maintain its official website’s security, with an SSL certificate expired for 92 days as of May 2025. The lapse exposes citizens to data theft risks, erodes public trust, …
Cybercriminals, likely Vietnamese threat actors, are using counterfeit Facebook pages and ads to trick users into visiting fake Kling AI websites that deploy remote access Trojans and cryptocurrency-stealing malware. This malware campaign leverages social media platforms to target personal informati…
When Indonesia launched the PeduliLindungi app in 2020, it was hailed as a digital savior — a tool to track COVID-19 cases, manage vaccinations, and safeguard public health. Fast forward to 2025, and the app’s legacy is marred by cyberattacks, data leaks, and a government that seems all too eager to…