216.73.217.64

Indonesian Banking Sector Threat Landscape

· Published 09/07/2026 19:50

Export JSON

Essential information

Published
09/07/2026 19:50
Modified
Source / Author
AlienVault
Confidence
100/100
Report type(s)
threat-report
Labels / Tags
abcdoor amaranth loader apt espionage bfsi sector chrysalis cobalt strike cve-2025-8088 data breach financial cybercrime havoc indonesian banking lotuslite phishing campaigns ransomware extortion rustsl shadowguard supply chain compromise tgamaranth rat valleyrat
Related entities
1 vulnerabilities (cve), 29 indicators, 28 observables, 1 intrusion sets (apt), 22 techniques (mitre), 10 malware

Description

Indonesia's Banking, Financial Services, and Insurance sector faced significant cyber threats throughout 2026, including multiple alleged data breaches targeting major banking institutions and fintech platforms. Underground forums advertised compromised datasets containing customer information, account details, and sensitive documents, with varying levels of validation. Ransomware groups ICARUS and The Gentleman conducted extortion campaigns against financial organizations. China-linked APT groups including SilverFox, Mustang Panda, Amaranth-Dragon, Lotus Blossom, and Shadow Campaigns demonstrated sophisticated capabilities through phishing operations, supply chain compromises, and zero-day exploitation. These state-aligned actors deployed advanced malware such as , , , and custom backdoors for long-term espionage. The expanding digital banking ecosystem and regional financial connectivity have increased attack surfaces, requiring enhanced cyber resilience, continuous monitoring, a...

External references