VirusIndonesia

Tuesday, 26 May 2026

Update AulapG 2.0 - Revised in 2.0.0.1

Released: 26 May 2026

A new version of AulapG is here — stronger malware defenses, smarter runtime detection, improved investigation visibility, and a cleaner user experience — all in one update.

🌟 What’s New

✅ Runtime Suspicious Detection

Added Runtime Suspicious Detection to help identify potential zero-day malware behavior based on suspicious runtime activity.

✅ LOLBins and Fileless Malware Detection

Enhanced detection for LOLBins abuse and fileless malware techniques, improving coverage against suspicious script-based and living-off-the-land execution patterns.

✅ Real-Time Activity with Process Chain

Added real-time activity information to the dashboard, including process chain visibility and parent process hierarchy tracking to support faster investigation and triage.

✅ RTP Log Viewer

Added right-click “Copy Selected Row” support in the RTP Log Viewer table for easier log review and analysis.

✅ Optimized Design

Optimized the application design with a cleaner, more compact interface and improved dashboard activity presentation.

Install AulapG 2.0.0.0 to enjoy stronger protection, smarter detection, improved investigation visibility, and a smoother overall experience.

Updated:

AulapG 2.0.0.1 (Released: 27 May 2026)
- Bug fix for notification.
- Runtime Suspicious Detection toggle → can now be switched on/off from AI Threat Detection settings.

👉 Get AulapG 2.0.0.1 here: https://aulap.my.id/

Monday, 25 May 2026

Kebiasaan Buruk yang Jadi Pintu Masuk Malware: Dari Situs XXX, Aplikasi Crack, sampai APK Palsu

Banyak orang mengira malware masuk karena “komputer sedang sial” atau karena hacker menyerang secara langsung. Padahal, dalam banyak kasus, malware masuk karena kebiasaan kecil yang dilakukan berulang: download aplikasi crack, klik link sembarangan, membuka situs berisiko, menginstal APK dari WhatsApp, atau menonaktifkan proteksi keamanan karena dianggap mengganggu.

Di Indonesia, kebiasaan seperti ini masih sering ditemui, baik di pengguna pribadi, UMKM, sekolah, kantor kecil, sampai lingkungan kerja yang lebih besar. Masalahnya, malware sekarang tidak selalu terlihat seperti virus lama yang langsung membuat komputer rusak. Banyak malware modern bekerja diam-diam untuk mencuri password, mengambil data browser, merekam aktivitas, atau membuka jalan bagi ransomware.

Ancaman Malware Terkini di Indonesia: Ransomware, Infostealer, AI Phishing, dan Malware Android

Ancaman malware di Indonesia makin berkembang cepat. Dulu, banyak orang menganggap malware hanya sebatas virus komputer yang membuat laptop lambat. Sekarang, malware sudah menjadi bagian dari ekosistem kejahatan siber yang jauh lebih terorganisir: mencuri password, mengambil alih akun, menginfeksi perangkat Android, mencuri data perusahaan, sampai menjadi pintu masuk ransomware.

Indonesia juga bukan target kecil. Dalam konteks Asia Pasifik, Microsoft mencatat Indonesia berada di peringkat ke-12 negara dengan aktivitas siber tertinggi di kawasan, dengan paparan terhadap pencurian data, ransomware, dan malware infostealer seperti Lumma Stealer. Lumma sendiri disebut telah menyerang lebih dari 14 ribu perangkat di Indonesia pada paruh pertama 2025.

Data lokal juga menunjukkan arah yang sama. Pada periode Januari–Juli 2025, BSSN mencatat 3,64 miliar anomali trafik yang mengarah pada serangan siber, dan 83,68 persen di antaranya berbasis malware. Angka ini menunjukkan bahwa ancaman malware bukan lagi isu teknis semata, tetapi sudah menjadi risiko nyata untuk pengguna pribadi, UMKM, organisasi, dan instansi di Indonesia.

Prometei & World Leaks: The Evolution of a Botnet from Crypto-Mining to Data Extortion

The cybersecurity landscape is witnessing a strategic pivot from one of the most adaptive botnets in operation: Prometei. Historically recognized as a relentless hunter for Monero (XMR), recent intelligence confirms that Prometei operators are venturing into a darker territory: Data Extortion.

Recent disclosures on World Leaks highlight that this modular botnet is no longer just piggybacking on your server's CPU cycles; it is actively harvesting intellectual property and threatening public exposure.

The Evolutionary Threat: Why the Shift?

Prometei is a sophisticated, multi-module botnet utilizing over 15 different components to propagate via SMB exploits (such as EternalBlue), RDP brute-forcing, and SSH vulnerabilities. The success of the "Extortion-only" (non-encrypting) model in the Ransomware-as-a-Service (RaaS) market has clearly influenced its operators.

Target Profile: Primarily targets Windows and Linux servers with weak administrative controls.
Deep Camouflage: The malware frequently masquerades as legitimate system services like sqhost.exe or smcard.exe, hiding in non-standard directories (e.g., \Windows\dell\).
The Extortion Pivot: Rather than the computationally expensive task of encrypting entire drives, they quietly exfiltrate sensitive databases and internal documents before issuing a ransom demand.

VirusIndonesia

Pages