The Price of Trust: Analyzing the Malware Campaign Exploiting TASPEN's Legacy to Target Indonesian Senior Citizens
Essential information
- Published
- 27/08/2025 15:59
- Modified
- 27/08/2025 19:11
- Tags
- 2025-08-27 banking trojan indonesia mobile malware pension fund phishing senior citizens spyware taspen
- Related entities
- 7 observables, 1 intrusion sets (apt), 3 techniques (mitre), 2 malware, 3 others
Description
A sophisticated mobile malware campaign is targeting Indonesian pensioners by impersonating TASPEN, the state pension fund. The attackers use a phishing website to distribute a malicious Android app that steals banking credentials, intercepts SMS messages for OTPs, and captures biometric data. The malware employs advanced evasion techniques and communicates with a command and control server, likely operated by a Chinese-speaking threat actor. This campaign poses significant risks to Indonesia's digital transformation efforts and public trust in government institutions. The successful targeting of TASPEN creates a dangerous precedent for attacks on other critical financial entities across Southeast Asia.