The Dark Overlord Ransom Scheme

The terrorist attacks of 9/11 instilled fear, hatred, and uncertainty in the hearts of many Americans. So, when the hacking group The Dark Overlord (TDO) disclosed that it had breached a law firm that handles cases related to September 11th, both the public and the media went into a frenzy. The group threatened to publicly release gigabytes of sensitive, litigation-related documents if the ransom it requested was not paid. The documents in question include, but are not limited to, non-disclosure agreements, e-mails, retainer agreements, settlements, and testimonies. TDO promised that the leaks would have devastating consequences for the country. Most people are less worried about that than about the hackers' seemingly open access to everything.

TDO – Who They Are

This is not the first time the Dark Overlord group has been in the news. Prior to this scheme, the group was notorious for holding an entire school for ransom while also sending children death threats, going after healthcare organizations, and extorting money from Netflix. Netflix paid the requested ransom but still had their show spoiled. This is the hazard of paying digital extortionists. You just can't trust them.

Digital Extortion Is Alive and Well

The practice of obtaining money through force or threat is called extortion. In cybersecurity terms, it is also commonly known as ransomware. The Dark Overlord group has already received three payments to its bitcoin wallet from firms it has victimized. The victims paid fearing that TDO would release sensitive security information. As with most ransomware victims, the businesses felt they had no choice but to pay the ransom that was demanded. “Consider our motivations, we’re not inclined to leak the juiciest items until we’re paid in full” is only a fragment of what TDO tweeted.

In response to their posts, Twitter has suspended an account associated with TDO, @tdo_h4ck3rs, from posting messages on the social media platform.  TDO was also cited for selling access to stolen legal documents thought to endanger national security.

Ransom Payments Made Easy

Bitcoin has been around for several years. It is a form of cryptocurrency that is decentralized, so it cannot be controlled by any banking institution or country. The use of bitcoin for transactions is often frowned upon because of its association with illegal payments. Of course, many legal transactions are made with bitcoin, but groups like TDO contribute to the villainization of the currency.

The data referenced was supposedly derived from several law firms and real estate developers associated with 9/11 conspiracies. Among them are Silverstein Properties, Hiscox Syndicates, and Husch Blackwell. TDO targeted these specific firms in hopes of rehashing traumatic experiences and inciting a national debate that would divide even more Americans. A thorough investigation and confirmation of all 3 businesses found that no data was breached, leaked, or stolen. Hiscox stated that if by any chance there was data obtained by TDO, it was due to an old breach. Hiscox is downplaying claims made by the hacking group. Hopefully, they are not hiding their breach, a practice we see across many U.S. businesses.

We Don’t Negotiate With Terrorists

TDO promises that it will continue to “peel back” the layers, unveiling America’s deepest and darkest secrets surrounding the September 11th tragedy. The only way to prevent this is to “pay the f*ck up”, say the group’s spokespeople. U.S. authorities appear no closer to shutting down TDO. As in the case of Netflix, money does not guarantee cyber safety. Don’t trust criminals. Fool me once, shame on you. Fool me twice, shame on me.
