Indonesian government ransomware hackers apologize, give out encryption key

“We were just pentesters,” culprits claim

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers that used ransomware to recently lock servers belonging to the Indonesian government,disrupting the everyday lives of millions of citizens, have apologized for their misbehavior.

Singaporean dark web intelligence firm Stealth Mole has published a message allegedly written by the Brain Cipherransomwareorganization, stating, “Citizens of Indonesia, we apologize for the fact that it affected everyone.”

The group added it was only acting as penetration testers, and released a decryptor to restore the locked files.

Attacking the National Data Center

The group also said it wasn’t pressured into apologizing and restoring the files, not by the government, or by anyone else.

“We hope that our attack made it clear to you how important it is to finance the industry and recruit qualified specialists,” the letter further reads. “In this case, the attack was so easy that it took us very little time to unload the data and encrypt several thousand terabytes of information.”

“We’re not haggling,” the attackers said, despite having previously demanded $8 million in exchange for keeping the data safe, and for sharing the decryption key - an offer the Indonesian government turned down.

Now, the attackers are sharing a key, in the form of a 54 kb ESXi file, whose validity is yet to be confirmed.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Indonesian government officials had confirmed its NationalData Center(PDN) was struck on June 20, with the attack apparently organized by an affiliate of LockBit, and the encryptor used was LockBit 3.0.

At least 210 national institutions were affected by the incident, including the nation’s immigration office, which led to problems in issuing passports, visas, residence permits, and similar - leading to long lines at airports around the country.

ViaThe Register

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Lego will let you build Sir Ernest Shackleton’s iconic lost ship, the Endurance, in its next Icons set