Summary: After a four-year investigation, law enforcement successfully apprehended a cybercriminal known by multiple aliases, including ALTDOS and Omid16B. The criminal, motivated by financial gain, executed various attacks on companies, primarily focusing on extortion through data breaches. Group-IB played a pivotal role in tracking the actor’s activities across different identities until his arrest in Thailand on February 26, 2025.
Affected: Cybersecurity, Law enforcement agencies, Private corporations
Keypoints :
- Law enforcement tracked the cybercriminal across multiple aliases and continents, including ALTDOS, DESORDEN, GHOSTR, and Omid16B.
- The actor’s operations included targeting Windows servers, exfiltrating data, and extorting victims with threats of public exposure.
- Group-IB’s investigation revealed consistent patterns and communication styles linking the aliases despite changing tactics and operational security.