Menu
Browse

Cyber Threat Actor: DutchSec

Actor Type Location Known Incidents
 Icon
Sensationalist
China
2 incidents
Profile

DutchSec is a threat actor known by the primary alias DutchSec, with additional monikers observed in specific incidents such as NetherlandsMoDz and 0x0D1337. Publicly available information indicates the actor may be based in China, although this detail is noted as uncertain. No further biographical or organizational details about DutchSec have been confirmed in open sources.

The actor’s observed activity includes two distinct credential‑theft events. On September 30 2015, the handle 0x0D1337 claimed responsibility for compromising dutchwow.com, a private World of Warcraft server, and released a dump containing 3,917 usernames paired with hashed passwords. On October 29 2015, the alias NetherlandsMoDz asserted that asialawhouse.com had been breached, resulting in the public exposure of nearly 7,000 usernames stored in plain text alongside their corresponding passwords. Both disclosures were made via public paste sites or similar forums, highlighting a pattern of credential harvesting followed by immediate public release.

From these incidents, the only verifiable tactics, techniques, and procedures associated with DutchSec involve gaining unauthorized access to web‑based services, extracting credential databases, and publishing the data without apparent use of malware or sophisticated persistence mechanisms. No additional tooling, initial‑access vectors, or malware families have been documented in relation to this actor. Consequently, the two cited breaches represent the entirety of DutchSec’s publicly reported operations to date.

Incidents
Attributed incidents available to members
2 incidents
Sources
Sources available to members
0 sources