Names | ALTDOS (self given) | |
Country | [Unknown] | |
Motivation | Financial gain | |
First seen | 2020 | |
Description | Not much is known about this person or group, other than the breach reports. This group seems to have continued as Desorden. | |
Observed | Countries: Bangladesh, Malaysia, Singapore, Thailand. | |
Tools used | Cobalt Strike. | |
Operations performed | Dec 2020 | “ALTDOS,” as they call themselves, contacted a number of news outlets in Thailand and online news sites to announce that they had attacked CGSEC on December 4. <https://www.databreaches.net/thai-securities-trading-firm-goes-offline-after-cyberattack/> |
Jan 2021 | The same hacking group that hit Country Group Securities (CGSEC) in Thailand has revealed a recent attack on Mono Next Public Company Limited, a media and content conglomerate in Thailand. <https://www.databreaches.net/thai-media-and-content-conglomerate-mono-next-public-company-hit-by-altdos-hackers/> | |
Jan 2021 | Hackers claim to have attacked major Bangladeshi conglomerate <https://www.databreaches.net/hackers-claim-to-have-attacked-major-bangladeshi-conglomerate/> | |
Mar 2021 | Vhive, a popular retail furniture chain in Singapore, has posted a notice on their web site and Facebook page announcing a cyberattack that occurred on March 23. <https://www.databreaches.net/sg-vhive-alerts-consumers-to-cyberattack/> <https://www.databreaches.net/sg-vhive-attackers-escalate-take-control-of-furniture-retailers-email-server/> | |
May 2021 | Audio House customer data possibly stolen by hackers <https://www.straitstimes.com/tech/tech-news/audio-house-customer-data-possibly-stolen-by-hackers> | |
Jun 2021 | ALTDOS claimed to have attacked Unispec Group Singapore, which operates in the marine industry, providing services in marine insurance, surveying, cargo, containers, and marine IT software. UniSpec has offices in Singapore, India, Thailand, Malaysia, Indonesia, South Korea and China. <https://www.databreaches.net/asean-companies-still-targeted-by-altdos-threat-actors/> | |
Aug 2021 | Singapore-based OrangeTee appears to have suffered a massive hack and data exfiltration by ALTDOS threat actors. <https://www.databreaches.net/singapore-real-estate-firm-breached-by-altdos/> | |
Sep 2021 | ALTDOS claims to have hacked one of Malaysia’s biggest conglomerates <https://www.databreaches.net/altdos-claims-to-have-hacked-one-of-malaysias-biggest-conglomerates/> | |
Counter operations | Sep 2021 | ALTDOS claims some of their servers were seized but they did not lose data <https://www.databreaches.net/altdos-claims-some-of-their-servers-were-seized-but-they-did-not-lose-data/> |
Information | <https://www.csa.gov.sg/singcert/-/media/Singcert/PDFs/Joint-Advisory-on-ALTDOS.pdf> |
Last change to this card: 02 November 2021