The Dark Overlord (hacker group)

The Dark Overlord (also known as the TDO) is an international hacker organization which garnered significant publicity through cybercrime extortion of high-profile targets and public demands for ransom to prevent the release of confidential or potentially embarrassing documents.[1]

The group gained its initial notoriety through the sale of stolen medical records on TheRealDeal, a darkweb marketplace.[2][3] Major targets of the group's extortion included Netflix, which resulted in the leak of unreleased episodes of the series Orange Is the New Black,[4] and Disney.[5]

In 2017, the group broke its trend of hacking and extortion, and began a series of terror-based attacks starting with the Columbia Falls school district in Montana.[6][7] The group sent life-threatening text messages to students and their parents, demanding payment to prevent the murder of children.[8] These attacks forced the closure of more than 30 schools across multiple school districts, resulting in more than 15,000 students being home from school for an entire week. During a Senate committee hearing, Senator Steve Daines (MT) referred to these attacks as "unprecedented".

On December 31, 2018, TDO announced the Lloyd's of London and Silverstein Properties "9/11 Papers" hack on Twitter, with thousands of incriminating documents[9][10][11] to be released in stages unless US$2,000,000 in bitcoin were paid.[12] TDO was subsequently banned from many social media platforms, including Twitter, Reddit and Pastebin, and removed from the front end of an uncensorable blockchain called Steemit.[13] Platforms unrelated to TDO, such as www.hpub.org, also had their social media accounts eliminated or followers deleted for serving as mirrors of TDO hacked documents.[14][15][16]

Arrests

Nathan Wyatt, a member of The Dark Overlord hacking group, was extradited from the UK to the US in December 2019 to face charges in St. Louis for his involvement in the group.[17][18] According to the charges, Wyatt "conspired to steal sensitive personally identifying information from victim companies and release those records on criminal marketplaces unless victims paid Bitcoin ransoms."[19] In September 2020, Wyatt was sentenced to five years in federal prison on a charge of "conspiring to commit aggravated identity theft and computer fraud" and was ordered to pay almost $1.5 million in restitution.[20]

References

  1. Stone, Jeff (8 January 2019). "The Dark Overlord was recruiting employees and looking for attention before 9/11 data dump". CyberScoop. Retrieved 12 January 2019.
  2. Whittaker, Zack (June 27, 2016). "A hacker is advertising millions of stolen health records on the dark web". ZDNet. Retrieved 2020-04-17.
  3. Storm, Darlene (2016-06-27). "Hacker selling 655,000 patient records from 3 hacked healthcare organizations". Computerworld. Archived from the original on Oct 29, 2020. Retrieved 2020-04-17.
  4. Uchill, Joe (10 January 2019). "Hacker recruiting goes corporate". Axios. Retrieved 12 January 2019.
  5. Newman, Lily Hay (2017-05-18). "High-Profile Extortion Hacks Aren't Paying Off". Wired. ISSN 1059-1028. Archived from the original on May 26, 2023. Retrieved 2020-04-17.
  6. Graham, Taylor (2017-09-19). "Flathead hackers found to have history of cyber attacks". KECI. Retrieved 2020-04-17.
  7. "'Ransom note' released after cyber-threats to Montana schools". CBS News. 19 September 2017. Retrieved 2020-04-17.
  8. Cox, Joseph (2017-10-05). "'Dark Overlord' Hackers Text Death Threats to Students, Then Dump Voicemails From Victims". The Daily Beast. Retrieved 2020-04-17.
  9. "ndex: Hacker group releases '9/11 Papers', says future leaks will 'burn down' US deep state". HuffpoClub. Retrieved 13 January 2019.
  10. "The Dark Overlord Hackers Threaten To Release TOP SECRET Files of 9/11 Litigation Unless Paid In Bitcoin". HuffpoClub. Retrieved 13 January 2019.
  11. "Hacker Group Dark Overlord Threatens to Dump Insurance Files Related to 9/11 Attacks". HuffpoClub. Retrieved 13 January 2019.
  12. "9/11 Papers Megalink". Busy.org. Retrieved 12 January 2019.
  13. "Thedarkoverlord | Hive".
  14. "ndex: 9/11 Docs Drop From Dark Overloard [sic]". HuffpoClub. Archived from the original on 2019-01-14. Retrieved 13 January 2019.
  15. "Checkpoint 8". Anonfiles. Retrieved 12 January 2019.
  16. "Darkoverlord Banned". heavy.com. 11 January 2019. Retrieved 12 January 2019.
  17. "'The Dark Overlord' hacking group member facing charges in St. Louis". KSDK. 18 December 2019. Retrieved 2020-04-17.
  18. Goodin, Dan (2019-12-19). "Dark Overlord taunted, threatened, and extorted. Now alleged member is behind bars". Ars Technica. Retrieved 2019-12-28.
  19. "Member of 'The Dark Overlord' Hacking Group Extradited From United Kingdom to Face Charges in St. Louis". U.S. Department of Justice. 2019-12-18. Retrieved 2020-04-17.
  20. "UK National Sentenced to Prison for Role in 'The Dark Overlord' Hacking Group". U.S. Department of Justice. 2020-09-21. Retrieved 2022-03-06.