A group of hackers known as TheDarkOverlord has recently claimed to have hacked a law firm handling cases related to the September 11 attacks in the United States, and threatened to release thousands of documents to the public, unless it gets paid an undisclosed amount in bitcoin.
According to Motherboard, the hacker group has in the past attempted to extort a production studio working for Netflix, and various other businesses. On Pastebin, TheDarkOverlord revealed the 9/11 files were taken from firms like Hiscox Syndicates Ltd, and Silverstein Properties, which owned the World Trade Center complex.
Speaking to the publication a Hiscox Group spokesperson confirmed a law firm working with it was breached, but noted its own IT infrastructure and system were “unaffected by this incident.” It admitted, however, the stolen files are related to litigation around the attacks.
To prove it has the documents, TheDarkOverlord published a set of letters and emails that mention various law firms, including the Transport Security Administration (TSA), and the Federal Aviation Administration (FAA), which has revealed it’s investigating the incident.
It's not just insurance litigation that we have, it's CONFIDENTIAL, CLASSIFIED, and SECRET documents from FAA, FBI, TSA, USDOJ, and others. pic.twitter.com/7LaC8TaNAQ— thedarkoverlord (@tdo_h4ck3rs) January 1, 2019
Through a tweet, the group noted appeared to be trying to capitalize on 9/11 conspiracy theories, as it claimed it was going to be providing some of the conspiracies surrounding the attacks “many answers.”
In its extorsion note, the group included a link to a 10GB archive of the files it has stolen, and has revealed it’ll be slowly releasing the decryption keys to these files unless the victims pay the hackers the amount it wants in BTC. It has also given its victims the option to contact them – and pay them BTC – to have their names censored in the documents.
The note reads:
Pay the fuck up, or we're going to bury you with this. If you continue to fail us, we'll escalate these releases by releasing the keys, each time a Layer is opened, a new wave of liability will fall upon you,
While the amount of BTC the group is asking for isn’t public, TheDarkOverlord is said to also be offering the files in an unnamed dark web hacking forum. Notably one of the breaches seemingly dates back to April of last year. While the hacking group was paid its ransom at the time, it claims its victim violated an “agreement.”