
The Price of Trust: Analyzing the Malware Campaign Exploiting TASPEN's Legacy to Target Indonesian Senior Citizens

ID: 70e5863e-1220-5e26-a767-a588d72d529f

STIX ID: report--70e5863e-1220-5e26-a767-a588d72d529f

Feed Name: CloudSEK Blog

Threat Score: 80/100

Date Published: 2025-08-27

Date Updated: 2026-04-27


**Executive Summary:** A sophisticated, targeted Android malware campaign impersonates PT Dana Tabungan dan Asuransi Pegawai Negeri (TASPEN) to distribute a banking trojan/spyware. The malware harvests credentials, SMS OTPs, contacts and biometric video; uses DPT-Shell packing and Frida anti-analysis; and maintains an encrypted WebSocket C2 channel (wss://rpc.syids.top) for real-time control and exfiltration. The report includes IoCs (domains, IP, hashes, hardcoded key). Linguistic artifacts point to Chinese-speaking operators, and the campaign poses systemic financial and trust risks to Indonesian pensioners and institutions.
