The Brain Cipher ransomware group has announced their decision to release the decryption keys for Indonesia Terkoneksi this Wednesday. The group stated that their attack was meant to emphasize the importance of financing the industry and hiring qualified specialists, clarifying that it was not politically motivated but rather a penetration test with post-payment.
The group expressed apologies to Indonesian citizens for the widespread impact of their actions and requested public acknowledgment of their independent decision to release the keys. They mentioned that if the government prefers not to thank them publicly, private gratitude via mail would be acceptable. Additionally, the group included a Monero wallet for donations, expressing hope for contributions by Wednesday, but reiterated that the keys will be provided for free and on their own initiative.
On the other hand, a threat actor claimed to be selling data of Kominfo – Kementerian Komunikasi dan Informatika (Ministry of Communication and Information Technology, Indonesia) on BreachForums for $121,000. The data allegedly spans from 2021 to 2024. However, the post was subsequently deleted, adding another layer of complexity to the ongoing cybersecurity concerns in Indonesia.
[UPDATE] Brain Cipher Ransomware Group Releases Decryption Keys for Indonesia Terkoneksi
The Brain Cipher ransomware group has recently released the decryption keys for Indonesia Terkoneksi and addressed several key points in a public statement. They emphasized that the decision to release the keys was made independently, without any intervention from special services or law enforcement agencies. The group also asserted their internal unity, stating that there were no misunderstandings within their team and that everyone supported this decision.
Importantly, Brain Cipher clarified that this act of releasing decryption keys for free is a one-time event, and future victims should not expect similar leniency. They explained their rationale for targeting the data center, noting that such facilities require substantial investment and are often compelled to pay when faced with ransomware attacks. The attack on the data center was described as straightforward, involving the encryption of several thousand terabytes of data with minimal effort.
The group revealed that negotiations with the affected party reached a deadlock when the second party transferred communication access to third parties, effectively halting further discussion. Brain Cipher expressed gratitude to the citizens for their patience during this period and advised them to be skeptical of media reports, suggesting that people should trust only those who “keep their word.”
In conclusion, the group stated that they would wait for official confirmation that the decryption key works and that the data is restored before permanently deleting their copy of the data. However, they warned that if the second party claims to have restored the data independently or with third-party assistance, they will publish the data as a consequence.