
Brain Cipher Ransomware Attack Disrupts Indonesia’s National Data Center, Demands $8 Million Ransom


The Brain Cipher ransomware group caught international attention by attacking Indonesia’s temporary National Data Center on June 20th. This attack encrypted government servers, disrupting important services like immigration and passport control.

Over 200 government agencies were affected. The Indonesian government confirmed Brain Cipher was responsible. The attackers demanded $8 million in Monero cryptocurrency, threatening to leak stolen data if the ransom wasn’t paid.

Brain Cipher is a recently launched ransomware operation that targets organizations worldwide. Initially, the group did not have a data leak site, but their latest ransom notes now link to one, indicating their strategy of using double-extortion tactics. BleepingComputer has identified multiple samples of the Brain Cipher ransomware, which have been uploaded to various malware-sharing sites in recent weeks.

These samples were created using the leaked LockBit 3.0 builder, a tool that other cybercriminals have also exploited to launch their ransomware operations. Brain Cipher has made slight modifications to the encryptor, such as encrypting file names and appending extensions.


The ransomware also creates ransom notes named [extension].README.txt, which contain a brief description of the attack, threats, and links to the Tor negotiation and data leak sites. Each victim receives a unique encryption ID for communicating with the attackers through a Tor-based chat system, which allows victims to negotiate with the ransomware gang directly.

One variation of the ransom note observed by BleepingComputer used the file name ‘How To Restore Your Files.txt’.
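A defender-side triage check for the note naming described above, as an added example that is not from the original article or from BleepingComputer. It assumes the note's `[extension]` prefix equals the extension appended to encrypted files; the function name, the threshold and the sample paths are constructed for illustration.

```python
from collections import defaultdict
from pathlib import PureWindowsPath
import re

# Note names reported in the article: "[extension].README.txt" and
# "How To Restore Your Files.txt".
NOTE_RE = re.compile(r"^(?P<ext>[^.\\/]+)\.README\.txt$", re.IGNORECASE)
FIXED_NOTE = "how to restore your files.txt"


def find_note_indicators(paths, min_matches=2):
    """Report directories in a file listing that hold a ransom-note name.

    A "[extension].README.txt" hit counts only when at least `min_matches`
    sibling files end in ".[extension]" (assumption: note prefix equals the
    appended extension), which filters out ordinary README files.
    """
    by_dir = defaultdict(list)
    for raw in paths:
        p = PureWindowsPath(raw)
        by_dir[str(p.parent)].append(p.name)

    findings = []
    for directory, names in sorted(by_dir.items()):
        for name in names:
            if name.lower() == FIXED_NOTE:
                findings.append({"dir": directory, "note": name,
                                 "extension": None, "matching_files": 0})
                continue
            m = NOTE_RE.match(name)
            if not m:
                continue
            suffix = "." + m.group("ext").lower()
            hits = sum(1 for n in names if n.lower().endswith(suffix))
            if hits >= min_matches:
                findings.append({"dir": directory, "note": name,
                                 "extension": m.group("ext"),
                                 "matching_files": hits})
    return findings


# Constructed sample listing (not real incident data).
SAMPLE = [
    r"C:\Shares\Finance\aB3xK9qLm.README.txt",
    r"C:\Shares\Finance\Zx81kQp.aB3xK9qLm",
    r"C:\Shares\Finance\Lm20vRt.aB3xK9qLm",
    r"C:\Projects\tool\project.README.txt",   # benign README, no siblings
    r"C:\Projects\tool\main.py",
    r"C:\Users\ops\Desktop\How To Restore Your Files.txt",
]
```

Feed it a recursive file listing exported from a file server or EDR tool; a hit is a lead for investigation, not proof of encryption.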

In line with other ransomware operations, Brain Cipher’s attack methodology involves breaching corporate networks, moving laterally to other devices, and deploying ransomware after obtaining Windows domain admin credentials.

Prior to encrypting files, the attackers steal corporate data to use as leverage in their extortion demands, warning victims that the data will be released publicly if the ransom is not paid. The recently launched data leak site by Brain Cipher currently does not list any victims, but it is a crucial part of their extortion strategy.

Negotiations monitored by BleepingComputer reveal that Brain Cipher’s ransom demands range from $20,000 to $8 million.

Since the Brain Cipher encryptor is based on the LockBit 3.0 encryptor, it has been extensively analyzed, and unless Brain Cipher has altered the encryption algorithm, there are currently no known methods to recover the encrypted files without paying the ransom. The development of this ransomware operation highlights the ongoing evolution and adaptation of cybercriminal tactics in targeting organizations worldwide.
