WTF?! The cybercriminal group that infected Indonesia's Temporary National Data Center (PDNS) with a strain of malware has freely released the decryption key to the government and apologized. The hackers think that this act of generosity shouldn't go unrewarded, though, and are asking for public donations that can be deposited into a crypto account.
On June 20, Indonesia's Temporary National Data Center (PDNS), which is operated by the Ministry of Communications and Information Technology, was compromised by a variant of the LockBit 3.0 malware called Brain Cipher.
At least 210 institutions were impacted and some of the country's services faced severe disruption as a result of the attack, but the main talking point was how 98% of the government data stored in one of the two compromised data centers had not been backed up.
The hackers demanded 131 billion Rupiah, or around $8 million, for the decryption key, which the government said it would not be paying.
Now, the group has apologized for its actions and handed over the decryption key – a 54 kb ESXi file – without receiving any ransom money.
In a statement posted by intelligence company Stealth Mole, the hackers said sorry for the fact the attack affected everyone.
Ransomware gang Brain Cipher announced they'll release decryption keys for free this Wednesday. They emphasized the need for cybersecurity funding and specialists. Apologies to Indonesia for the disruption. They request public acknowledgment of their decision. pic.twitter.com/FNNg0YsoAp
– Fusion Intelligence Center @ StealthMole (@stealthmole_int) July 1, 2024
The group added that the incident made it clear how important it is to finance the industry and recruit qualified specialists. It claims that the attack did not have a political context, and that it was acting as a penetration tester with post payment. It also said that if the government felt it wrong to thank the hackers for their incredible generosity, then citizens could leave a donation via the included monero wallet address.
In a separate statement posted on a dark web account, the hackers wrote that this is the first and last time one of its victims will receive a decryption key for free. It also boasted that "the attack was so easy that it took us very little time to unload the data and encrypt several thousand terabytes of information."
"Brain Cipher" Distributes Decryption Keys for Free
– Fusion Intelligence Center @ StealthMole (@stealthmole_int) July 3, 2024
They released an additional statement on their dark web site with answers to seven popular questions. It includes reasons for attacking the data center and thanking the citizens of Indonesia for their patience, among other… pic.twitter.com/ngv1HH848i
News that the data centers relied on Windows Defender and the lack of backups shocked the nation. Indonesia's president Joko Widodo ordered an audit on government data centers following the attack, and there are calls for communications and informatics minister Budi Arie Setiadi to resign.