Malware Distributors Operating on an "International" Scale Successfully Arrested

24 January 2020

Do you still remember the article that discussed the level of cyber security in Indonesia? Recently, Dittipidsiber Bareskrim Polri uncovered the perpetrators who spread malware that threatens users of e-Commerce sites in Indonesia and around the world. The case was uncovered under the banner of Night Fury Operation, which brings together law enforcement and private sector agencies. Night Fury Operation is one of the programs of the ASEAN Cyber Capability Desk, designed by Interpol in collaboration with Group-IB, a company engaged in preventing cyber attacks. One of the targets the operation focused on was the spread of malware called JS Sniffer.

JS Sniffer is an 'intruder' malware created to monitor all the information contained on the target site. The command found in this malware is 'get billing', which allows perpetrators to obtain banking information belonging to site visitors, such as:

  • credit card number,
  • full name of credit card owner,
  • credit card owner's address,
  • PayPal account,
  • phone number,
  • email address, and
  • username used to login along with the password.

According to Group-IB's tracing, JS Sniffer has infected more than 200 e-Commerce sites in various countries, including Indonesia.

After an investigation, Dittipidsiber Bareskrim Polri arrested several suspects believed to be behind the spread of JS Sniffer in Indonesia, namely K (35 years) and NA (25 years). Their method was to look for vulnerabilities in e-Commerce sites, then create a "door" that is inserted into the site so that every visitor who accesses the e-Commerce site passes through the door they have prepared. The perpetrators infiltrated not only e-Commerce sites in Indonesia but also many e-Commerce sites in the UK, South Africa, Australia, the Netherlands and Germany. Within a period of 1 year, the perpetrators managed to collect a number of electronic items whose combined value could reach IDR 150 million. The evidence secured included 1 (one) laptop, 5 (five) cellphones of various brands, 1 (one) CPU unit, 3 (three) ID cards belonging to the suspects, 1 (one) BCA Token, and 2 (two) ATM cards.

As a result of their actions, the suspects were charged under Article 30 Paragraph (1), Paragraph (2), Paragraph (3) Jo. Article 46 Paragraph (1), Paragraph (2), Paragraph (3) and/or Article 31 Paragraph (2) Jo. Article 47 and/or Article 32 Paragraph (1) and Paragraph (2) Jo. Article 48 Paragraph (1) and Paragraph (2) and/or Article 36 Jo. Article 51 Paragraph (2) of Law Number 19 of 2016 concerning Amendments to Law Number 11 of 2008 concerning Electronic Information and Transactions and/or Article 363 of the Criminal Code, with the threat of a criminal penalty of 10 years in prison.

Dittipidsiber Bareskrim Polri realizes that law enforcement efforts alone are not enough to prevent people from falling victim to the spread of this malware. Therefore, Dittipidsiber Bareskrim Polri will increase cooperation with parties related to e-Commerce and cyber security so that fewer people become victims. However, the public also needs to increase its vigilance to avoid the threat of spreading malware, especially JS Sniffer. There are several things people can do to avoid this threat, namely:

  • make sure the anti-virus product you use is always up to date,
  • use a Virtual Private Network (VPN) when surfing the Internet,
  • always check the details of your credit card transactions and immediately report any suspicious transactions to the bank.
