Hack Notice

Hack Notice: ASEAN companies still targeted by ALTDOS threat actors

ASEAN companies still targeted by ALTDOS threat actors

In December of 2020, DataBreaches.net reported on a threat histrion (or actors) calling themself “ALTDOS” who had attacked a siamese securities trading firm, Country group Securities (CGSEC) . CGSEC wasn’t the only thai entity they attacked, and within weeks, they had attacked MonoNext and 3BB, subsidiaries of Jasmine International. Angered by the entities’ response or lack of response to demands, ALTDOS ultimately dumped their data. Less than ace month later, this site reported another onslaught by them, this 1 involving Bangladesh Export importee fellowship limited (BEXIMCO). And in March, they attacked Vhive furniture retailer in Singapore. When the retailer allegedly reneged on an agreement to pay them, ALTDOS escalated, taking control of the firm’s email server and sending out emails to customers. They also dumped their customer data. in all of the above cases, ALTDOS dumped customer or personal information, using a variety of dump sites or leak sites to post data. But that wasn’t the last of their activity and attacks. Somewhat stunningly, perhaps, DataBreaches.net discovered this week that ALTDOS appears to still be in moderate of Vhive’s email server. as proof of claims, ALTDOS provided DataBreaches.net with a sort cap of an email from June 2. DataBreaches.net reached out to Vhive to wonder as to how ALTDOS still has access to their email server, but received no response. In early April, DataBreaches.net had reached out to Singapore’s data Protection direction to expect if the Vhive incident had been reported to them. A interpreter for the PDPC responded that they were aware of the incident and were investigating. Under their procedures, the results of their investigation are confidential, but the charge does issue decisions in cases where it has found a contravention of data tribute provisions of the PDPA. At the pose time, there is no determination for Vhive listed on the commission’s site, which may mean that the PDPC concluded its investigation and found no violation, or that the investigation is still open. Regardless of what the PDPC does or does not do, if ALTDOS still has access to Vhive’s email server, that is reason for concern. But Vhive was not the last assail by ALTDOS. There experience been two more Singapore entities attacked by ALTDOS recently (or at least ii that we currently live about). Unispec group Singapore ALTDOS claimed to get attacked Unispec group Singapore, which operates in the marine industry, providing services in marine insurance, surveying, cargo, containers, and marine IT software. UniSpec has offices in Singapore, India, Thailand, Malaysia, Indonesia, South dae-han-min-gook and China. In a instruction provided to DataBreaches.net, ALTDOS claimed that they had hacked into their intranet servers and stolen all of their coding, files and databases. Data and files include sensitive information pertaining to patronage secrets, corporate, employees, customers, projects, financial and more. ALTDOS uploaded some video proof of claims. They tell this site that when the firm did not reply to their emails, ALTDOS began dumping data on May 7. Unlike ALTDOS’s earlier attacks, the UniSpec data wasteyard was not because the aim refused to pay any demands. ALTDOS claims that they never even made any specific monetary demand on UniSpec. When the entity did not respond to their emails, they just went into dump or sale mode. “Our current style is to write an email asking for a reply from their management without stating any monetary demands from the victim,” ALTDOS told DataBreaches.net. “Since Unispec did not reply, ALTDOS did not state any demands. The email account that was used to contact Unispec was already deactivated by protonmail.” while they did not reply directly to ALTDOS, UniSpec reportedly filed takedown requests with gofile.io, file.io, pastebin, and some other sites where the threat actors uploaded files. DataBreaches.net did reach out to UniSpec to ask how the assail may have impacted them and whether they have notified employees and the PDPC about the attack, but no reply has been received. AudioHouse ALTDOS also claims to hold hacked and stolen more than 290,000 customers’ personal information from AudioHouse, one of Singapore’s largest electronic retailers. The firm has since reported the attack to the authorities and to their local tidings media. In support of their claims, ALTDOS provided DataBreaches.net with a video recording of what they claim are 320 stolen database and parting 10 of a customer database that they had uploaded. Because AudioHouse did not respond to their emails but went to the authorities and media, ALTDOS listed their data for sale on June 4. What are They Doing? Since DataBreaches.net first became aware of ALTDOS, it has been somewhat of a puzzle. in the past, they have not asked for the sort of exorbitant ransoms other terror actors experience demanded, and in some cases, as we control above, they malarkey up not making any financial demands at all and just leak the data or advertise it as being for sale. That does not appear like a particularly profitable business model, and DataBreaches.net asked them about it. They replied: Depending on the type of data, ALTDOS usually waste-yard out partial data and proceed to employment contact to deal the data to other groups. As they informed this site last year, they have continued to focusing on ASEAN companies. But are any paying them? Their attacks fare not seem to get much coverage. Are consumers there less concerned or outraged about breaches involving their consumer data, or is there just a concerted public exertion not to reward threat actors by reporting on them or paying them? According to ALTDOS, and DataBreaches.net has no way to confirm this: 70% of the breached companies pay them and then nothing is disclosed publicly about the hacks. For the other 30%, “ALTDOS will either fare a full data waste-yard or sell the data to contact which in both cases, will remainder up in the hands of other groups capable in extracting more monetary value with utilize of other methods.” ALTDOS continues to slump to reply any of this site’s questions as to how it gains a foothold in the victims’ systems, saying only […]

About HackNotice and ASEAN companies still targeted by ALTDOS threat actors

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and ASEAN companies still targeted by ALTDOS threat actors was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of ASEAN companies still targeted by ALTDOS threat actors their products, services, websites, or applications and you were a client of HackNotice, monitoring for ASEAN companies still targeted by ALTDOS threat actors you may have been alerted to this report about ASEAN companies still targeted by ALTDOS threat actors . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If ASEAN companies still targeted by ALTDOS threat actors had a breach of consumer data or a data leak, then there may be additional actions that our clients should take to protect their digital identity. data breaches, hacks, and leaks often take to and cause identicalness theft, account submit overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, watchword reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct resultant of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that trail to depress client security and digital identities that have been exposed and should be considered vulnerable to attack. HackNotice workings with clients to place the extent that digital identities make been exposed and provides remediation suggestions for how to handgrip each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that share data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account take overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that hurt consumers. HackNotice applies industry specific knowledge and advanced certificate practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to portion drudge notices with their friend, family, and collogues to help increase awareness around alleged hacks, breaches, or data leaks. HackNotice works to provide clients with sharable reports to help increase the security of our clients personal network. The security of the people that our clients interact with directly impacts the level of security of our clients. Increased exposure to accounts that have been taken over by hackers leads to further account have overs through phishing, malware, and other attach techniques.

If you found this plug notice to be helpful, then you may be interested in reading some additional drudge notices such as:

Those working inside an organization are a major cause of data breaches. Estimates of organizations $6.2 billion in the last ii years (presumably 2014 and 2015), according to a Ponemonidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to manage so.

Bank-Fund Staff Federal Credit Union

Bank-Fund Staff Federal Credit Union

Defacement https://www.bvntd.gov.vn/Fighter.txt