Ransomware Attack Hits Indonesian Payment Giant Jatelindo

Incident Date: Sep 14, 2024

Attack Overview
VICTIM: Jatelindo
INDUSTRY: Business Services
LOCATION: Indonesia
ATTACKER: Stormous
FIRST REPORTED: September 14, 2024

Ransomware Attack on PT Jatelindo Perkasa Abadi by Stormous Group

PT Jatelindo Perkasa Abadi, a leading Indonesian company specializing in electronic billing and payment solutions, has recently fallen victim to a ransomware attack orchestrated by the Stormous group. The cybercriminals claim to have exfiltrated and published sensitive data on their dark web portal, potentially compromising the company's operational integrity.

About PT Jatelindo Perkasa Abadi

Established in 2004, PT Jatelindo Perkasa Abadi operates as a Biller Aggregator, connecting various billing providers and financial institutions to facilitate seamless transactions across different sectors. The company is known for its Electronic Billing Presentation and Payment System (EBPP), which allows users to manage billing and payment activities electronically. Jatelindo also developed Narobil, a platform aimed at assisting informal sectors in managing billing processes. The company processes over 700 million transactions annually, with a gross transaction value of approximately IDR 74 trillion (around USD 5 billion).

Attack Overview

The ransomware attack on Jatelindo was claimed by the Stormous group, a ransomware gang known for its politically motivated operations and double extortion tactics. The group has a history of targeting Western nations and companies, often aligning its attacks with geopolitical tensions. In this instance, Stormous claims to have exfiltrated and published Jatelindo's data, which could include sensitive information related to the company's electronic payment systems and client transactions.

About Stormous Ransomware Group

Stormous emerged in early 2022, gaining notoriety for its support of Russia during the conflict with Ukraine. The group employs double extortion tactics, encrypting data and threatening to leak it if the ransom is not paid. Stormous operates through an underground website and communicates via Telegram, often targeting companies whose data has already been leaked by other hackers. This raises questions about the legitimacy of their claims and their actual capabilities in executing sophisticated cyber operations.

Potential Vulnerabilities

Jatelindo's extensive operations and significant transaction volume make it an attractive target for ransomware groups like Stormous. The company's reliance on electronic payment systems and the sensitive nature of the data it handles could have made it vulnerable to such attacks. While Jatelindo emphasizes security and compliance with Indonesian regulations, the evolving tactics of ransomware groups necessitate continuous vigilance and advanced cybersecurity measures.
