Thai media and content conglomerate Mono Next Public Company hit by ALTDOS hackers

The same hacking group that hit Country Group Securities (CGSEC) in Thailand has revealed a recent attack on Mono Next Public Company Limited, a media and content conglomerate in Thailand. As described by Thailand’s Securities and Exchange Commission, Mono Group divides its businesses into 5 business operations  MONO29 (Digital TV business),  MONOMAX (Video on Demand business providing movies and series as well as being an international movie distributor under the name MONO Streaming3), MONOCyber (Online business on website MThai as well as providing strategic planning and Holistic Communications service for product brands),  Master Content Provider: Content acquisition and marketing for Interactive TV business, and 29Shopping  (Home shopping business). According to Dun & Bradstreet, Mono Group generated $71.24 million (USD) in 2019. Threat actors calling themselves ALTDOS claim to have hacked 29shopping.com on January 6, mono29.com on January 3, and mono.co.th on December 25. They also claim to have successfully completed other attacks across Mono’s networks since November 2020 that resulted in the exfiltration of hundreds of gigabytes of data. Attempts to negotiate ransom demands with Mono were reportedly unsuccessful, a spokesperson informed DataBreaches.net, leading to them starting to dump data. The first small dump was customer data from 29shopping.com from 2018 to this month. ALTDOS had previously informed this site that they do not use ransomware, but they do exfiltrate data and then try to get entities to pay them not to dump the data they acquired. In addition to the .csv file with 1448 rows,  ALTDOS also  provided DataBreaches.net with screencaps showing the scope of what else they could access. In response to a question from this site as to how they gained access, the spokesperson for what was described as a team replied: There are many methods which we’ve used to gain initial access to their networks ranging from sniffing, brute force to code injections. Their motives, the spokesperson wrote, are purely financial and not political at all: There is nothing political about our attacks. It’s all about the money. ALTDOS main focus is in ASEAN and we attack many targets ranging from Bangladesh, Philippines, Malaysia to Thailand. Apparently, this is our 2nd Thai attack and Thai companies are hard to negotiate. Perhaps, it is difficult to communicate with the victims due to language barrier? DataBreaches.net reached out to Mono to request a response to ALTDOS’s claims. No reply has been received as yet, but the time difference could contribute to that. This post will be updated if a reply is received.DataBreaches.netRead More