National cybercrime network operating for 14 years dismantled in Indonesia

• Malanta.ai uncovered a 14‑year cybercrime infrastructure in Indonesia, resembling state‑sponsored operations
• Network spans 320K+ domains, hijacked government subdomains, and thousands of malware‑laden Android apps
• Campaign stole 50K+ gambling credentials, used AWS and Firebase for C2, raising nation‑state suspicions

Security researchers have uncovered enormous cybercrime infrastructure in Indonesia that’s been operating unabated for more than 14 years.

The length of the operation, the domains included, the malware circulated, and the data being sold on the black market, were all so big that the researchers - Malanta.ai - said the campaign resembles a nation-state campaign more than that of “simple” cybercriminals.

“What began as simple gambling websites has evolved into a global, well-funded, sophisticated, state-sponsored-level attack infrastructure operating across web, cloud, and mobile,” Malanta said in a recently published blog.