Dark Overlord cybercrime gang claims to have stolen tens of thousands of files related to the 9/11 terrorist attacks
The Dark Overlord hacking group claims to have stolen tens of thousands of files related to the 9/11 terrorist attacks. They are part of a huge trove of documents from the British insurance company Hiscox, which suffered a data breach in April 2018. The company acknowledged the incident and confirmed that the hacked server “may have included information relating to up to 1,500 of Hiscox’s US-based commercial insurance policyholders.” According to Security Affairs, on December 31, 2018, the insurance firm confirmed that the stolen documents included information about the 9/11 events. The group published a message on Pastebin announcing that it had decided to offer the documents for sale even though the law firm paid to avoid their publication. The hackers decided to publish the documents because the company contacted law enforcement.
Hiscox confirms the data breach and the theft of the 9/11-related documents
“There has been some recent online coverage relating to Twitter posts about 9/11-related litigation and mentioning Hiscox,” reads a statement published by the company. “The online posts relate to an incident we reported in April 2018, when we were made aware that a US law firm that advised Hiscox, some of our commercial policyholders and other insurers, had experienced a data breach in which information was stolen. The law firm’s systems are not connected to Hiscox’s IT infrastructure and Hiscox’s own systems were unaffected by this incident. One of the cases the law firm handled for Hiscox and other insurers related to subrogation litigation arising from the events of 9/11,” concludes the statement, “and we believe that information relating to this was stolen during that breach.”
The offer of the cyber criminals
“What’s the takeaway?”, Dark Overlord writes on Pastebin. “We hacked Lloyds of London and Silverstein Properties. This release of 911 Litigation Documents is highly exclusive and only available from thedarkoverlord! For a limited time only, we’re leaking the first few documents as proof of our trove on the famous dark web hacker forum ‘KickAss’. For those of you who are most interested in acquiring the entire set of documents, which counts at over 18.000 documents, to include .doc, .pdf, .ppt, .xls, .tif, .msg, and many other interesting formats (or just to acquire the most highly secret and confidential documents). The good news for you is that we’ll be selling these documents for a limited time,” the post added. “If you’re a terrorist organisation such as ISIS/ISIL, Al-Qaeda, or a competing nation state of the USA such as China or Russia, you’re welcome to purchase our trove of documents.”
Dark Overlord released the first batch of the decryption keys for the 650 confidential documents related to the terrorist attacks
The group initially published screenshots of some of the stolen documents, and has now decided to publish a first batch of files. “There’s five layers to go. Layer 1, 2, 3, 4, and fine finally Layer 5. Each layer contains more secrets, more damaging materials, more SSI, more SCI, more government investigation materials, and generally just more truth,” the Dark Overlord wrote in a Steemit post. “Consider our motivations (money, specifically Bitcoin), we’re not inclined to leak the juiciest items until we’re paid in full. However, in the interest of public awareness and transparency, we’re officially announcing our tiered compensation plan.” Journalists who viewed the documents said that the insurance files contain lawsuit details of people affected by the 9/11 attacks and testimonies of airport security officials.
Who are the malicious hackers
The Dark Overlord is a well-known hacking group that has targeted organizations in different sectors, from finance to media, passing through healthcare. The group is also famous for having leaked online episodes from the forthcoming season of the TV show Orange Is The New Black. They demanded an unspecified sum from Netflix, but the company refused to pay the ransom, so the hackers released the episodes online. In October 2017, the group broke into the celebrity clinic London Bridge Plastic Surgery.