Hackers Who Brought Down an Entire Country's Infrastructure with Ransomware Say Sorry and Release Keys for Free

Hackers compromised the Temporary National Data Center (PDNS) in Indonesia with ransomware, causing problems nationwide. Now, all of a sudden, they are supposedly releasing the unlocking keys for free.

Brain Cipher is the group responsible for the PDNS attack, which affected many services across Indonesia. More than 280 agencies were affected, and the government says that data affected by the ransomware cannot be recovered.

According to a The Register report, the threat actor initially asked for an $8 million payout, but the authorities declined to pay. Most groups haggle with the victims for a long time, trying to convince them to pay, even a fraction.

However, in this case, the group claims to have released the keys that would allow the authorities to recover the locked data.

"We want to make a public statement," said the group on a dark web forum, according to the Fusion Intelligence Center on Twitter. "This Wednesday, we'll give you the keys for free. We hope that our attack made it clear to you how important it is to finance the industry and recruit qualified specialists. Our attack did not carry a political context, only a pentest with post payment."

"Citizens of Indonesia, we apologize for the fact that it affected everyone. We also ask for public gratitude and confirmation that we have consciously and independently made such a decision."

Making things even weirder, the group left a crypto wallet address where people can donate money.

"If the government representation, considers it wrong to thank the hacker. You can do it privately at the post office. We leave a monero wallet for donations, we hope that by Wednesday we will get something. (And we repeat again: we will give the keys absolutely free of charge and on our own initiative.)," the group added.

It's a distinct possibility that the scope of the original attack was much narrower and that the hackers didn't anticipate the scale of the problem they were creating. The fact that the authorities also refused to pay must have played an important role in the threat actor's decision to release the keys.