Cyber Threat Actor: ALTDOS
| Actor Type | Location | Known Incidents |
Criminal
|
China
|
11 incidents |
|---|
Profile
ALTDOS is a threat actor group believed to be based in China. The group has been active since at least 2020 and has been responsible for a number of high-profile cyberattacks across Southeast Asia. ALTDOS has primarily targeted companies in the retail, real estate, and financial sectors, with a particular focus on conglomerates and large businesses. Their modus operandi often involves stealing sensitive data and encrypting files, followed by ransom demands.
One of their earliest known attacks was against CGSEC, a Thai securities trading firm, in December 2020. ALTDOS stole sensitive documents and encrypted files, causing the company to go offline temporarily. In early 2021, the group carried out a series of attacks on subsidiaries of Jasmine International PLC, a Thai media and content conglomerate. After failed negotiations with 3BB, another subsidiary, Mono Next Public Company Limited, was breached. These attacks were soon followed by breaches at the Bangladesh Export Import Company Limited (BEXIMCO) and Audio House, a Singaporean furniture retailer, where they stole the personal information of over 290,000 customers.
ALTDOS has also targeted real estate companies, such as OrangeTee in Singapore, and one of Malaysia's biggest conglomerates, Sunway Group, in September 2021. The group's activities have caused significant disruption to businesses and raised concerns among organizations across the region. Their tactics, techniques, and procedures (TTPs) align with those of a financially motivated criminal group, and their success in breaching prominent companies underscores the significant capabilities and persistence of this threat actor.
