Menu
Browse

Cyber Threat Actor: ALTDOS

Actor Type Location Known Incidents
 Icon
Criminal
China
11 incidents
Profile

ALTDOS is a threat actor group believed to be based in China. The group has been active since at least 2020 and has been responsible for a number of high-profile cyberattacks across Southeast Asia. ALTDOS has primarily targeted companies in the retail, real estate, and financial sectors, with a particular focus on conglomerates and large businesses. Their modus operandi often involves stealing sensitive data and encrypting files, followed by ransom demands.

One of their earliest known attacks was against CGSEC, a Thai securities trading firm, in December 2020. ALTDOS stole sensitive documents and encrypted files, causing the company to go offline temporarily. In early 2021, the group carried out a series of attacks on subsidiaries of Jasmine International PLC, a Thai media and content conglomerate. After failed negotiations with 3BB, another subsidiary, Mono Next Public Company Limited, was breached. These attacks were soon followed by breaches at the Bangladesh Export Import Company Limited (BEXIMCO) and Audio House, a Singaporean furniture retailer, where they stole the personal information of over 290,000 customers.

ALTDOS has also targeted real estate companies, such as OrangeTee in Singapore, and one of Malaysia's biggest conglomerates, Sunway Group, in September 2021. The group's activities have caused significant disruption to businesses and raised concerns among organizations across the region. Their tactics, techniques, and procedures (TTPs) align with those of a financially motivated criminal group, and their success in breaching prominent companies underscores the significant capabilities and persistence of this threat actor.

Incidents
Attributed incidents available to members
11 incidents
Sources
Sources available to members
8 sources