DarkVault Ransomware Targets PT. Oexpress Logistik Indonesia

Incident Date:

June 21, 2024

World map



DarkVault Ransomware Targets PT. Oexpress Logistik Indonesia


PT. Oexpress Logistik Indonesia




Jakarta Timur, Indonesia

, Indonesia

First Reported

June 21, 2024

Ransomware Attack on PT. Oexpress Logistik Indonesia by DarkVault Group

Company Profile: PT. Oexpress Logistik Indonesia

PT. Oexpress Logistik Indonesia, a prominent logistics and supply chain management company, plays a crucial role in Indonesia's transportation sector. With a workforce of 69 employees and led by Rovan Alfarry, the company excels in providing diverse services such as freight forwarding, warehousing, and customs brokerage. Known for its "Real-Time Smart Delivery" solutions, PT. Oexpress leverages advanced technology to optimize operations and offer real-time shipment visibility, setting it apart in the industry.

Details of the Ransomware Attack

The DARKVAULT ransomware group, which has recently surfaced in the cybercrime arena, has targeted PT. Oexpress Logistik Indonesia. The attackers have set a deadline of June 28, 2024, for their ransom demands, threatening to release sensitive company data if their conditions are not met. This attack underscores the vulnerabilities even technologically adept companies face against determined cybercriminals.

Profile of the DarkVault Ransomware Group

DarkVault, mirroring the operational tactics of the notorious LockBit ransomware group, has demonstrated sophisticated capabilities in executing cyber attacks. Their method involves establishing a dark web leak site, similar to LockBit's, to intimidate and pressure their victims into meeting their ransom demands. The group's strategic use of a proven successful model indicates a high level of sophistication and poses a significant threat to global cybersecurity.

Potential Breach Points

The specific vulnerabilities exploited in this attack are not detailed, but typical entry points could include phishing, exploitation of unpatched systems, or compromised credentials. For a company like PT. Oexpress Logistik Indonesia, which relies heavily on technology for its logistics operations, such entry points could be particularly detrimental if not adequately secured.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.