Tags
Cryptojacking
Attribution
🇮🇩
Incidents
Bapak Exploiting Stolen Cloud Access Keys
References
https://www.wiz.io/blog/detecting-behavioral-cloud-indicators-of-compromise-iocs
Last edited
Jan 27, 2025 12:27 PM
Status
Finalized
Cloud-fluent
`Bapak` is a group Wiz research detected across multiple customers, suggesting a systematic scanning of exposed credentials without any specific targeting. The group mainly operates out of IP addresses located in Indonesia, but occasionally employs VPNs to try and mask their activity.