A threat actor claims to have breached Cloudeka.id, an Indonesia-based cloud computing service provider founded by the ICT company Lintasarta. The platform provides various cloud solutions, including Deka Box and Deka Cloud, assisting Indonesian entities ranging from MSMEs to large corporations in their digital transformation. According to the claims, the breach occurred in November 2025, resulting in the exfiltration of the organization’s source code.
The actor has allegedly made the stolen data available for download, specifically highlighting the directory tree of the compromised system. Based on the provided file listing, the allegedly compromised data includes:
-
Cluster Management Tools: Source code and scripts related to
crmsh(Cluster Resource Management Shell), including configuration templates and testing scripts. -
Network Monitoring Resources: Files related to
cricket(a tool for monitoring network traffic), including sample configurations for routers, switches, and system performance. -
System Diagnostics: Directories for
cpu-checkerandcrash(kernel crash dump analysis). -
Development and Debugging Tools: Source files for
gdb(GNU Debugger) andcvs(Concurrent Versions System). -
Driver Databases: Extensive printer driver databases (
foomatic-db) covering manufacturers such as HP, Epson, and Brother. -
Kernel Headers: Linux kernel headers and include files, specifically referencing PowerPC architectures.












