Daixin Threatens To Publish Network Vulnerabilities After AirAsia Does Not Pay

April 6, 2023


AirAsia has apparently fallen victim to a major ransomware attack by the Daixin Team gang. More than five million records, alleged to be from customers and staff, were exposed online. The claim has not been verified or confirmed by AirAsia. The attack was first reported on Twitter by security researchers with screenshots taken from the darkweb.

The group shared a sample of the data with AirAsia after encrypting its database and demanded an undisclosed fee to unlock it. Daixin Team said they avoided locking up critical files related to flying equipment. They did lock out access to staff and passenger records until payment is made.

Daixin Team say it plans to publish details on the AirAsia network as AirAsia did not plan to pay the ransom. Providing access to and details of flaws in the network on open hacker forums would potentially leave it open for more malicious groups. The group claimed full responsibility for any future negative consequences caused from their actions.

Incident Date

November 12, 2022



Estimated Cost

Ransom not paid, Daixin threatens to share network vulnerabilities with other hackers


Type of Malware

No Malware identified

Threat Source