Threat Group Cards: A Threat Actor Encyclopedia

Other threat group: Desorden

Names	Desorden (self given)
Country	[Unknown]
Motivation	Financial gain
First seen	2021
Description	Not much is known about this person or group, other than the breach reports. Seems to be a renamed ALTDOS.
Observed	Countries: India, Indonesia, Malaysia, Taiwan, Thailand, USA.
Tools used
Operations performed	Sep 2021	Desorden Group claims to have stolen 200 GB of data from ABX Express <https://www.databreaches.net/desorden-group-claims-to-have-stolen-200-gb-of-data-from-abx-express/>
	Oct 2021	Another Malaysia carrier allegedly hacked and data exfiltrated — Skynet <https://www.databreaches.net/another-malaysia-carrier-allegedly-hacked-and-data-exfiltrated-skynet/>
	Oct 2021	Acer confirms second security breach this year <https://therecord.media/acer-confirms-second-security-breach-this-year/>
	Oct 2021	Acer under fire: Now hackers claim to have hit Acer Taiwan, too <https://www.databreaches.net/acer-under-fire-now-hackers-claim-to-have-hit-acer-taiwan-too/>
	Oct 2021	Central Restaurants Group in Thailand hit by Desorden <https://www.databreaches.net/central-restaurants-group-in-thailand-hit-by-desorden/>
	Oct 2021	Desorden Group expands attack on Central Group after deal to pay them allegedly fell through <https://www.databreaches.net/desorden-group-expands-attack-on-central-group-after-deal-to-pay-them-allegedly-fell-through/>
	Jul 2022	Desorden is back, declares an attack on MISTINE Better Way Thailand Company <https://www.databreaches.net/desorden-is-back-declares-an-attack-on-mistine-better-way-thailand-company/>
	Jul 2022	Thai entities continue to fall prey to cyberattacks and leaks <https://www.databreaches.net/thai-entities-continue-to-fall-prey-to-cyberattacks-and-leaks/>
	Aug 2022	Major Indonesia tollroad operator hacked by DESORDEN <https://www.databreaches.net/major-indonesia-tollroad-operator-hacked-by-desorden/>
	Sep 2022	TH: Major Cineplex and Major Development PCL hit by DESORDEN <https://www.databreaches.net/th-major-cineplex-and-major-development-pcl-hit-by-desorden/>
	Sep 2022	Customer data from hundreds of Indonesian and Malaysian restaurants hacked by DESORDEN <https://www.databreaches.net/customer-data-from-hundreds-of-indonesian-and-malaysian-restaurants-hacked-by-desorden/>
	Sep 2022	DESORDEN leaks more data from Indonesia; “Indo data is officially worthless” <https://www.databreaches.net/desorden-leaks-more-data-from-indonesia-indo-data-is-officially-worthless/>
	Sep 2022	Malaysian Telecom RedOne hit by DESORDEN <https://www.databreaches.net/malaysian-telecom-redone-hit-by-desorden/>
	Oct 2022	Thailand’s THE ICON GROUP hacked by DESORDEN <https://www.databreaches.net/thailands-the-icon-group-hacked-by-desorden/>
	Oct 2022	Revenge telecom hacking by DESORDEN Group; third attack threatened <https://www.databreaches.net/revenge-telecom-hacking-by-desorden-group-third-attack-threatened/>
	Oct 2022	Johnson Fitness and Wellness hit by DESORDEN Group <https://www.databreaches.net/johnson-fitness-and-wellness-hit-by-desorden-group/>
	Jul 2023	Major Malaysian water utilities company hit by hackers; Ranhill offline; hackers claim databases and backups deleted <https://www.databreaches.net/major-malaysian-water-utilities-company-hit-by-hackers-ranhill-offline-hackers-claim-databases-and-backups-deleted/>
Information	<https://cloudsek.com/threatintelligence/threat-group-desorden-actively-targeting-asian-conglomerates/>

Last change to this card: 05 September 2023

Download this actor card in PDF or JSON format

Previous: Dark Basin
Next: Dungeon Spider

↑

Threat Group Cards: A Threat Actor Encyclopedia

Other threat group: Desorden

Follow us on

Report incidents