The Brain Cipher Ransomware hacking group has officially provided the decryption key to access the systems of the Temporary National Data Center 2 in Surabaya to a second party from the Indonesian Government. Although they didn’t specify who the second party was, there is a logo of the Ministry of Communication and Information Technology (Kominfo) in their release.
Brain Cipher Ransomware listed the decryption key link to unlock access to the Surabaya Temporary National Data Center 2 systems on their dark web page. They emphasized that they would wait for the second party to confirm that the key works and the data has been recovered. After that, they promised to permanently delete the data.
“We will wait for the second party to officially confirm that the key works and the data has been recovered. After that, we will permanently delete the data,” said Brain Cipher Ransomware via their X account @stealthmore_int.
They stated that this decryption key is only valid for the Surabaya Temporary National Data Center 2 and provided usage instructions. They also threatened to publish the stolen data if the second party claimed that the data had been recovered on their own or with the help of a third party.
Here is the latest statement from Brain Cipher Ransomware:
- We made this decision (to provide the decryption key for free) independently without intervention from special services or law enforcement agencies.
- There is no misunderstanding within our team. We are a solid team and all support this decision.
- This is the only time we provide the key for free. For other cases, please contact us.
- Why did we attack the data center? Because data centers are a high-tech industry that requires large investments. In this case, the attack was very easy, requiring only a short time to encrypt thousands of terabytes of data.
- We consider negotiations to have reached a dead end when the second party diverted negotiation access to a third party.
- We thank the public for their patience.
- You can draw your own conclusions and don’t trust the media.
Conclusion:
We will wait for the second party to confirm that the key works and the data has been recovered. If the second party claims to have recovered the data on their own or with the help of a third party, we will publish the data.
Kominfo Successfully Unlocks PDN Key Provided by Brain Cipher, Encrypted Specimens Open
The Director General of Informatics Applications of the Ministry of Communication and Information Technology (Kemenkominfo), Semuel Abrijani Pangerapan, confirmed that his party had tried to unlock the National Data Center (PDN) key provided by Brain Cipher. The results show that the key can unlock the encrypted data.
“We have also tried it, and on the specimens we have, the key was successfully used to unlock the data. However, because there are many keys, our technical team is still working to make sure everything is in order,” said Semuel in a press conference regarding his resignation as Director General of Aptika at the Kemenkominfo Office on Thursday (July 4th).
However, Semuel did not provide further details regarding the data that was successfully unlocked. He stated that further information would be conveyed later. “I was informed that the key can be used on the specimens we tested. These specimens are the data we took and tried to open using the key. For more details, please ask the technical team later,” he explained.
Semuel also did not provide specific explanations regarding the type of specimens used by Kominfo to test the key from Brain Cipher. He also did not confirm whether the data that was successfully unlocked was completely clean from the ransomware.
Brain Cipher has announced that they provided the National Data Center (PDN) key to the government free of charge. The announcement was posted on the Brain Cipher website, which can only be accessed via a special browser on the darknet on Wednesday (July 3rd).
In a post titled ‘Now We Will Answer The Most Popular Question’, Brain Cipher stated that they had kept their promise. On Tuesday (July 2nd), Brain Cipher announced that they would provide the PDN key on this day (Wednesday, July 3rd).
