Jebakan Phishing Jadi Biang Kerok Bocornya Data KAI

Uzone.id – Kejadian kebocoran data yang menimpa PT KAI (Kereta Api Indonesia) terus menyita perhatian. Grup ransomware Stormous mengklaim telah mencuri data-data sensitif seperti informasi karyawan, data pelanggan, data perpajakan, catatan perusahaan, informasi geografis, sistem distribusi informasi, dan berbagai data internal lainnya.
Dalam pemeriksaan sementara peneliti siber CISSReC, Selasa, (16/01), geng ransomware Stormous mendapatkan akses masuk ke sistem PT. KAI melalui akses VPN menggunakan kredensial beberapa karyawan, yang kemungkinan diperoleh melalui metode phishing dan social engineering.
Hal ini terlihat dari tangkapan layar yang dibagikan geng hacker ini, di mana mereka mendapatkan akses ke sebuah dashboard menggunakan kredensial salah satu karyawan KAI.
“Ini mempertegas bahwa memang Stormous masuk melalui akses internal karyawan yang berhasil mereka dapatkan, baik itu melalui metode phishing serta social engineering atau mereka membeli kredensial tersebut dari peretas lain yang menggunakan malware log stealers,” kata Pratama Persadha selaku Chairman Lembaga Riset Keamanan Siber CISSReC dari keterangannya yang diterima Uzone.id, Selasa, (17/01).
Geng ransomware Stormous mengumpulkan hampir 2,2 GB file data sample dalam bentuk terkompresi dan diberi nama kai.rar. Tidak hanya mencuri, geng peretas ini mengancam akan menyebarkan file ini jika tidak ada kesepakatan antara pihaknya dengan pihak KAI.
Sebanyak 82 kredensial karyawan PT. KAI bocor, dan hampir 22,5 ribu kredensial pelanggan serta 50 kredensial karyawan perusahaan lain yang bermitra dengan PT. KAI ikut dibobol hacker.
“Data kredensial tersebut didapatkan dari sekitar 3300 URL yang menjadi permukaan serangan eksternal dari situs PT. KAI tersebut,” jelas Pratama.
Mereka memberi tenggat waktu selama 15 hari kepada PT. KAI untuk melakukan negosiasi dan membayar tebusan yang mereka minta yaitu sebesar 11,69 BTC atau hampir setara dengan 7,9 milyar rupiah.
Dalam keterangan terpisah, PT KAI mengklaim seluruh data KAI aman dan tidak ada bukti kalau data-data KAI telah bocor.
“Seluruh sistem operasional IT, pembelian tiket online KAI, serta layanan Face Recognition Boarding Gate di semua stasiun masih berjalan dengan baik,” tambahnya.
Namun, KAI tetap melakukan kerja sama dengan pihak berwajib untuk melakukan penyelidikan akan dugaan kebocoran data ini dan tidak akan tunduk dalam tindak pemerasan yang dilayangkan oleh pihak hacker.