👨🏻

Bapak

Tags

Cryptojacking

Attribution

🇮🇩

Incidents

Bapak Exploiting Stolen Cloud Access Keys

References

https://www.wiz.io/blog/detecting-behavioral-cloud-indicators-of-compromise-iocs

Last edited

Jan 27, 2025 12:27 PM

Status

Finalized

Cloud-fluent

`Bapak` is a group Wiz research detected across multiple customers, suggesting a systematic scanning of exposed credentials without any specific targeting. The group mainly operates out of IP addresses located in Indonesia, but occasionally employs VPNs to try and mask their activity.