Hackers Threaten to Release 9/11 Insurance Files Unless They're Paid a Bitcoin Ransom

Francisco Memoria

A group of hackers known as TheDarkOverlord has recently claimed to have hacked a law firm handling cases related to the September 11 attacks in the United States, and threatened to release thousands of documents to the public, unless it gets paid an undisclosed amount in bitcoin.

According to Motherboard, the hacker group has in the past attempted to extort a production studio working for Netflix, and various other businesses. On Pastebin, TheDarkOverlord revealed the 9/11 files were taken from firms like Hiscox Syndicates Ltd, and Silverstein Properties, which owned the World Trade Center complex.

Speaking to the publication a Hiscox Group spokesperson confirmed a law firm working with it was breached, but noted its own IT infrastructure and system were “unaffected by this incident.” It admitted, however, the stolen files are related to litigation around the attacks.

To prove it has the documents, TheDarkOverlord published a set of letters and emails that mention various law firms, including the Transport Security Administration (TSA), and the Federal Aviation Administration (FAA), which has revealed it’s investigating the incident.

Through a tweet, the group noted appeared to be trying to capitalize on 9/11 conspiracy theories, as it claimed it was going to be providing some of the conspiracies surrounding the attacks “many answers.”

In its extorsion note, the group included a link to a 10GB archive of the files it has stolen, and has revealed it’ll be slowly releasing the decryption keys to these files unless the victims pay the hackers the amount it wants in BTC. It has also given its victims the option to contact them – and pay them BTC – to have their names censored in the documents.

The note reads:

Pay the fuck up, or we're going to bury you with this. If you continue to fail us, we'll escalate these releases by releasing the keys, each time a Layer is opened, a new wave of liability will fall upon you,

While the amount of BTC the group is asking for isn’t public, TheDarkOverlord is said to also be offering the files in an unnamed dark web hacking forum. Notably one of the breaches seemingly dates back to April of last year. While the hacking group was paid its ransom at the time, it claims its victim violated an “agreement.”

Weekly Newsletter

Bitpoint Reveals Breakdown of Funds Stolen and Pledges Reimbursement After Hack

Neil Dennis

Japan's Bitpoint cryptocurrency exchange has published a breakdown of the assets lost in this month's security breach where hackers stole around Y3 billion ($28 million), and has pledged to reimburse customers.

A document published by parent company Remix Point on Tuesday showed that of the Y3.02 billion stolen, Y2.6 billion belonged to customers, while Y960 million were company-owned assets.

Here's the full breakdown:

  • Bitcoin BTC1,225 - total stolen worth Y1.53 billion at the time of attack: Y1.28 billion belonging to customers and Y250 million to the exchange
  • Bitcoin cash BCH1,985 - worth Y70 million at time of attack: Y40 million customer owned and Y30 million exchange owned
  • Ether ETH11,169 - worth Y330 million at time of attack: Y240 million customer owned and Y90 million of exhange's
  • Litecoin LTC5,108 - worth Y500 million, with about Y40 million in customer funds
  • XRP28,106,323 - worth Y1.03bn at the time of attack of which around a quarter were customer funds


Remix Point added in its Tuesday statement that it would reimburse customer losses, compensating them in lost cryptocurrencies rather than their fiat equivalent.

The exchange revealed on Sunday it had already tracked $2.3 million worth of stolen tokens. Reported by Finance Magnates Bitpoint said it had recovered the funds and reabsorbed them.

Bitpoint said last week's security breach occurred due to unauthorized access to private keys of its hot wallets and now intends to move all holding into cold storage, where no breaches of security had been detected.

Co-operation With Regulators

Remix Point said in the document published on Tuesday that it was co-operating with self-regulatory body, the Japan Virtual Currency Exchange Association, to help establish better security measures across the industry.

It requested the association, along with its exchange rivals, monitor any suspicious activity in the coming days that might involve the deposit of funds potentially associated with the incident.