Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

PT Kalimantan Prima Persada

pamapersada.com
Group Medusa
Discovered 2025-11-07 18:29 UTC
Est. attack date 2025-11-06
Country ID

Description:

PT Kalimantan Prima Persada (KPP) is a subsidiary of PT Pamapersada Nusantara (PAMA), a leading mining company in Asia. 99,99% shares composition of KPP owned by PT Pamapersada Nusantara and 0.01% by PT United Tractors Pandu Engineering. KPP was freshly born to realize a mining developer concept by establishing a new company to broaden market, offer services engaged in coal mining, started from exploration to sales and to service the booming, small and medium coal mining industry in Kalimantan. Ever since year 2003, KPP has established itself as PAMA'S NEXT GENERATION. The main operation is located in South Kalimantan and East Kalimantan. KPP are proud to contribute to the job market, create business opportunities for local entrepreneurs, as well as the implementation of various CSR programs. The improvement of Human Resources, the correct application of technology, professional management systems and the commitment towards safety at work, and nature preservation will always be the priorities. KPP aims to provide the best result for the stakeholders. In the future, KPP will become a prominent company as well as a trustworthy and reliable partner in the coal mining industry. company is headquartered in Jl. Rawa Gelam I No. 9, Kawasan Industri Pulogadung, Jakarta Timur 13930, DKI Jakarta, Indonesia. 1,872 Employees
Infostealer activity detected by HudsonRock

Compromised Employees: 29

Compromised Users: 10014

Third Party Employee Credentials: 31

External Attack Surface: 108

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabusetucows.com
MX Records
  • pamapersada-com.mail.protection.outlook.com. Microsoft 365
  • pamapersada.in.tmes-sg.trendmicro.com.
TXT Records
  • knowbe4-site-verification=fa61e5e5de89684ec1b31254b0cbbdf3
  • tmes=4b695d7349f20e744e21f82dc5470538
  • v=spf1 a:mail1a.pamapersada.com a:mail1b.pamapersada.com a:mx1.pamapersada.com a:mx2.pamapersada.com a:pamapersada.in.tmes-sg.trendmicro.com include:spf.protection.outlook.com include:spf.tmes.trendmicro.com include:_spf.psm.knowbe4.com ~all
  • 7SF9Z6V3PFNUXFCEWL04OKFZ05GR5KEQ2FIOAO4L
Cloud / SaaS Services Detected
KnowBe4 TrendMicro

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.