A cybercriminal accused of stealing and leaking data from over 90 companies worldwide has been arrested in Bangkok, Thailand.
The suspect, who operated under various aliases such as DESORDEN Group, ALTDOS, GHOSTR, and 0mid16B, had been targeting businesses since 2020. The arrest was carried out by the Royal Thai Police and the Singapore Police Force with assistance from cybersecurity firm Group-IB.
Authorities say the hacker stole over 13TB of personal data from companies across Asia-Pacific, Europe, and North America. Group-IB described him as one of the most active cybercriminals in the region since 2021, primarily targeting organizations in Thailand, Singapore, Malaysia, Indonesia, and India. His method involved using SQL injection attacks and exploiting vulnerable Remote Desktop Protocol (RDP) servers to breach corporate networks, followed by quick data exfiltration and extortion attempts.
The cybercriminal was known for high-level blackmail tactics, often threatening companies with media exposure instead of leaking data on dark web forums. If victims refused to pay, he would inform journalists or data protection authorities to maximize reputational damage. In some cases, he even contacted affected customers directly or encrypted corporate databases. One of his high-profile attacks targeted Taiwanese tech giant Acer.
During the raid, Thai police seized laptops and luxury goods believed to be purchased with proceeds from cybercrime. Local reports identified the suspect as a 39-year-old man named Chia, who admitted to selling stolen data for $10,000 per transaction. He now faces charges related to unauthorized computer access, extortion, and illegal residence.
