Explaining Recent Indonesia Malware Attack via WhatsApp

Submitted by JoeNot on , Thread ID: 1088

02-02-2023, 11:17 PM
At the beginning of this year there was a very unique malware campaign hitting ordinary people in Indonesia, targeting people's financial and banking APKs and then draining them, but these folks are a bit idiotic and, I can say, brave enough to use "Indonesian bank and money infrastructure" to transfer the stolen funds and cash them out with little effort to cover their tracks.

People and the mass media called it a "scam attack, fake wedding invitation leading to millions lost, fake package message", but hardly any of them mention that it is in fact a malware and social engineering attack.

So how do these guys do it?

First you need to choose what kind of malware you use; there are a lot of options these days for Android, like SpyNote (leaked source code on forum), Hook and Godfather. Then you need to spend some money on infrastructure for the malware: private bulletproof DNS/hosting, RDP, VPN etc. It can cost from 100 to 1000 for the tool and supporting infrastructure.

After that, you need to decide who your target is and how many you will hunt. Looking for targets can be challenging, since you don't want to waste your "server.apk" lifespan and not receive anything from your victim. The specialized team usually needs to scout for potential targets or craft a plan to spread server.apk. Usually leaked databases that contain details and phone numbers are used to scout for potential victims. In Indonesia's case, the guys are targeting random victims and utilizing social engineering to trick victims into opening the server.

After the victim installs the server.apk, the attacker gains access to the device, then does surveillance on the victim's device and starts working to drain any money from their financial accounts through the APKs installed on their phone.

The attackers in this case have managed to drain e-wallet accounts and banking APKs; at one time they managed to drain up to 20.000-30.000 $ from one victim's banking account alone.

The overall reasons why the attackers use "Undangan pernikahan" (wedding invitation) and "Paket dari JNE" (parcel from JNE), and why they succeed, are:

    Nobody thinks these messages are fake, and most of the victims do not even bother to look and verify whether the phone number comes from someone they know.
    Lack of digital literacy, especially among older people; people basically just believe and follow the message to install an unknown and suspicious APK, and never think "why do I need to install this APK just to see this goddamn message?"
    Lack of cybersecurity awareness among the general public and a lack of resources from the government or NGOs to educate people; even after Bjorka and the other onslaughts last year, people still have not learned the lesson and taken precautions.

But as I mentioned, these guys' adventures are short; they were too confident the police couldn't track their stolen fund transfers. If they had used burner phones and numbers and exchanged all the money for crypto, this would be a different story and they might have slipped away and not been caught.

So basically, don't open APKs from strangers, whatever the reason is.
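
For defenders, the lure described above (an "invitation" or "parcel" message whose attachment is really an installable package) can be caught by inspecting the file's content instead of trusting its name. This is an added example, not part of the original post; the function names are hypothetical and it assumes the attachment has already been saved from the chat and is passed in as bytes.

```python
import io
import zipfile

# Lure wording quoted in the post; compared case-insensitively.
LURE_PHRASES = ("undangan pernikahan", "paket dari jne")


def looks_like_apk(data: bytes) -> bool:
    """True when the bytes are a ZIP archive holding the entries every APK carries."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = set(zf.namelist())
    except zipfile.BadZipFile:
        return False
    has_dex = any(n.startswith("classes") and n.endswith(".dex") for n in names)
    return "AndroidManifest.xml" in names and has_dex


def triage_attachment(message_text: str, filename: str, data: bytes) -> list:
    """Return reasons to quarantine a chat attachment; an empty list means none."""
    reasons = []
    if not looks_like_apk(data):
        return reasons  # documents and images pass, even with lure wording
    reasons.append("attachment is an Android package")
    if not filename.lower().endswith(".apk"):
        reasons.append("APK content behind a non-.apk file name")
    lowered = (message_text + " " + filename).lower()
    hits = [p for p in LURE_PHRASES if p in lowered]
    if hits:
        reasons.append("lure wording with an installable file: " + ", ".join(hits))
    return reasons


def build_sample_zip(entries) -> bytes:
    """Constructed test input: a ZIP whose entries hold placeholder bytes only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in entries:
            zf.writestr(name, b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_zip(["AndroidManifest.xml", "classes.dex"])
    for reason in triage_attachment("Undangan pernikahan kami", "Undangan.pdf", sample):
        print(reason)
```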
