3C-INT logo [Cyber]Crime Characterization for Intelligence FREE PREVIEW
You are exploring the Free preview. To unlock full read-only access to all public profiles and in-app notifications, create a free research account. For analyst / premium plans capabilities (editing, advanced tabs, exports), please contact us

Threat Actor Characterization

Back
You’re viewing the read-only version. Sign in for analyst tools (editors, promote draft, file/relations management, etc.)
KONCO ERROR SYSTEM

KONCO ERROR SYSTEM

ID: ad41dfac8a37b1794d48653a8ee84f4722766
Hacktivist Group Hacktivism
Threat types: Hacktivism, Intrusion, Data Leak
Indonesia IDN, GBR
Updated: 2026-04-12
Created: 2026-03-22
Progress: 92% Completeness: 88% Freshness: 100%
Operation zone: Indonesia, United Kingdom
Aliases Limited alias preview
KONCO EROR SYSTEM KONCO ERROR SYTEM Ko******** Ko**************
Ko*******************
Showing 2 of 5 aliases in free preview.
Actor Network Graph
Open Network Graph
Read-only preview for anonymous visitors. Sign in with a free Research account for full workspace.
MITRE ATT&CK®
confidence: medium
Actor Techniques page ATT&CK® Diagram

KONCO ERROR SYSTEM is assessed as an Indonesian Telegram-centered leak and opportunistic intrusion persona. Public evidence points to resident-data leak promotion, SQLi-adjacent activity, and alliance signaling with adjacent Indonesian actors rather than to a mature ransomware operation.


Technique Technique name Tactics Evidence
T1190 Exploit Public-Facing Application TA0001
  • 2026-03-14 — SQL injection challenge content posted via actor-linked public Telegram analytics capture is consistent with exploit activity against public-facing applications. · ref
  • 2026-03-30 — INFERENCE (confidence: medium): leak outcomes tied to public web resources are compatible with opportunistic exploitation of exposed web applications. · ref
T1213 Data from Information Repositories TA0009
  • 2026-03-25 — Public leak-post capture advertised resident data from East Java and Central Java in CSV form, indicating collection from information repositories. · ref
T1505.003 Web Shell TA0003
  • 2026-03-30 — INFERENCE (confidence: low): adjacent associated Indonesian channels publicly shared webshell access and server-side script artifacts; this is relevant at cluster level, not yet uniquely attributable to KONCO ERROR SYSTEM. · ref
T1585 Establish Accounts TA0042
  • 2026-03-25 — Public leak-post formatting included Telegram, TOX, Session, and cryptocurrency contact/payment markers, consistent with establishing and maintaining external accounts/channels for operations and monetization. · ref
Strategic Intelligence
Limited preview
Last updated: 2026-03-31T01:51:04+00:00

KONCO ERROR SYSTEM — Indonesian Telegram leak / intrusion persona

Classification: TLP:WHITE - Open Source Intelligence (OSINT)

Category: Cybercrime / Data Leak & Intrusion Persona - Origin: Indonesia (assessed)

Author: iQBlack CTI Team


Executive Summary

OSINT [B2]: KONCO ERROR SYSTEM appears to be a small Indonesian cyber persona or channel-centered actor active mainly on Telegram, with public behavior centered on data-leak claims, low-end intrusion bragging, challenge-style SQL injection posts, and amplification of compromised-data releases. Publicly visible evidence does not currently support classification as a mature ransomware program despite the noisy branding.


OSINT [B2]: The strongest observable signals are the Telegram channel footprint, alliance messaging involving PetrusNism, publicly advertised leak content tied to Indonesian resident data, and companion contact/payment markers including TOX, Session, Telegram, and cryptocurrency wallets. These features are more consistent with a leak-and-exposure ecosystem actor than with a well-documented encryption-focused extortion operation.

Full strategic intelligence is available in Analyst and Premium plans.
Executive Analyst Brief for CISO
Saved Limited preview

Executive Analyst Brief for CISO — KONCO ERROR SYSTEM

Classification: Unclassified / Open Source Intelligence (OSINT) — TLP:WHITE

Upgrade to access the full executive brief.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Executive brief now
Saved successfully.
Hunting Playbook
Saved Limited preview

Hunting Playbook — KONCO ERROR SYSTEM


Upgrade to access the full hunting playbook.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Hunting Playbook now
Saved successfully.
IOC Appendix
Saved Limited preview
Last updated: 2026-03-30T17:52:35+00:00

IOC Appendix — KONCO ERROR SYSTEM

Classification: Unclassified / Open Source Intelligence (OSINT) — TLP:WHITE

More IOC context for Research. Full appendix for Analyst and Premium plans.
IOC Appendix now
Saved successfully.
OSINT Library
Saved Limited preview
Last saved: 2026-03-30T18:27:21+00:00

OSINT Library — KONCO ERROR SYSTEM


2026-03-30 — Telegram — “konco error system”

Full OSINT references available for Research / Analyst.
OSINT Library now
Saved successfully.
Social Medial & Communication
SOCMINT integrated: 0/8
Address Verification SOCMINT
t.me/+gn************** Restricted Not integrated
t.me/+mu************** Restricted Not integrated
t.me/kon****************** Restricted Not integrated
t.me/+gF************** Restricted Not integrated
t.me/KON************ Restricted Not integrated
t.me/+vl************** Restricted Not integrated
t.me/+-t************** Restricted Not integrated
t.me/kon**** Restricted Not integrated
Notes: preview mode hides sensitive social/contact details.
Reference Images/Associated Evidence Limited
Showing 1–5 of 5 images
Alliance with PetrusNism Free Preview
Alliance with PetrusNism
Reference image Free Preview
Reference image
Alliance with Wolves of Turan Free Preview
Alliance with Wolves of Turan
Hacked website Free Preview
Hacked website
Logo Free Preview
Logo
Showing 4 of 5 images in preview mode. Additional evidence is restricted for Analyst and Premium plans.