Hacker apprehended while the group remains at large

When you hear about something called The Dark Overlord, you might expect it to be related to a movie or video game.  Not so here: a Canadian hacker has been sentenced to three years in prison for dealing in stolen personal information, including doing business with a hacking and extortion group with that moniker.

While this one individual, who was selling Social Security numbers, names and birth dates, has now been apprehended, the Dark Overlord group remains active.  It has been implicated in ransom campaigns and harassment against schools, small businesses and health care entities.  Weak security practices lure the group in; one of these appears to have been default remote access controls, which are more critical to an organization’s security than ever in this period of remote work.

The collaboration between the group and the lone hacker, Slava Dmitriev, goes back several years.  Some of their earliest projects involved extortion of New York dentists in 2016, as well as threats made against 30 schools in Montana in 2017 via text messages and calls to parents.  This incident resulted in the schools closing for a whole week.  The same year, Dmitriev received information from the group containing over 200,000 stolen identities.  The Dark Overlord even managed to steal an entire season of Netflix’s “Orange is the New Black,” which resulted in a $50,000 bitcoin payment from a post-production company.

Although the group’s activities tapered off in 2018, after federal investigators started taking it seriously and turning up the heat, most of its members have never been caught.  A couple of arrests and convictions have occurred in the last few years: one co-conspirator served a sentence in the UK before being extradited to the US.  Another possible suspect was reportedly identified by Serbian police in 2018.

While these incidents were all pre-pandemic, today’s state of remote work and access could offer an even more appealing target to groups like The Dark Overlord, who could potentially exploit the confusion and security slip-ups that come with employees working out of the office.  As long as remote work persists, it is even more important for organizations to keep their data protected even after a breach has occurred.

NetLib Security’s Encryptionizer solution offers transparent data encryption to keep a business’ stored data protected, rendering sensitive data illegible and useless to intruders.


By: Jonathan Weicher, posted on February 3, 2022
Originally published at: https://www.netlibsecurity.com
Copyright: NetLib Security