News Hacker suspected of Dozens of Cyberattacks Worlwide arrested in Bangkok.

[Fixxx]

The man operated under the aliases ALTDOS, DESORDEN, GHOSTR, and 0mid16B, and had been one of the most active cybercriminals in the Asia-Pacific region since 2021. According to Group-IB, the attacks resulted in the leak of over 90 databases containing 13 terabytes of confidential information. The hacker sold the stolen data on the dark web. During the arrest, Thai authorities seized several laptops, electronic devices, and luxury items from the suspect, including Chanel bags, watches, and jewelry. Investigators reported that the criminal purchased all these items with money earned from selling stolen data.

Unlike ransomware groups, the hacker did not immediately publish the leaks on the dark web. Instead, he would pass the data to media outlets or regulatory bodies, increasing the reputational and financial risks for companies. In several cases, the man directly contacted clients of the affected organizations via email and messaging apps, forcing companies to make concessions. Sometimes, the hacker even encrypted the victims' databases to intensify the pressure. The Singapore police stated that the investigation into the attacks began in 2020. Group-IB noted that the man was difficult to track because he frequently changed tactics and used new virtual identities to obscure connections to past attacks. Initially, the arrested individual was a respected member of data leak forums due to the unique databases he possessed, which allowed him to set high prices. However, he was later banned from some platforms for fraud and using multiple accounts. Thai media reports indicate that his name is Chinwei. According to sources, he confessed to hacking more than 70 databases and claimed to have acted alone, preferring to target large corporations while avoiding government organizations.