The Dark Overlord (hacker group)

{{short description|International hacker organization}}

The Dark Overlord (also known as the TDO) is an international hacker organization which garnered significant publicity through cybercrime extortion of high-profile targets and public demands for ransom to prevent the release of confidential or potentially embarrassing documents.{{cite web|url=https://www.cyberscoop.com/dark-overlord-recruiting-employees-looking-attention-911-data-dump/ |first1=Jeff |last1=Stone |website=CyberScoop |title=The Dark Overlord was recruiting employees and looking for attention before 9/11 data dump|date=8 January 2019|publisher=|access-date=12 January 2019}}

The group gained its initial notoriety through the sale of stolen medical records on TheRealDeal, a darkweb marketplace.{{cite web|url=https://www.zdnet.com/article/hacker-advertising-huge-health-insurance-database/ |date=June 27, 2016 |title=A hacker is advertising millions of stolen health records on the dark web|last=Whittaker|first=Zack|website=ZDNet|access-date=2020-04-17}}{{cite web|url=https://www.computerworld.com/article/3088907/hacker-selling-655-000-patient-records-from-3-hacked-healthcare-organizations.html|title=Hacker selling 655,000 patient records from 3 hacked healthcare organizations|last=Storm|first=Darlene|date=2016-06-27|website=Computerworld|access-date=2020-04-17 |url-status=live |archive-url=https://web.archive.org/web/20201029000536/https://www.computerworld.com/article/3088907/hacker-selling-655-000-patient-records-from-3-hacked-healthcare-organizations.html |archive-date= Oct 29, 2020 }} The group's major extortion targets included Netflix, whose extortion resulted in the leak of unreleased episodes of the series Orange Is the New Black,{{cite web|url=https://www.axios.com/cybersecurity-hacking-cyber-crimes-dark-overlord-5ef60968-5803-4e33-bba6-91000d606e57.html|title=Hacker recruiting goes corporate |first1=Joe |last1=Uchill |date=10 January 2019 |publisher=axios|access-date=12 January 2019}} and Disney.{{cite news|last=Newman|first=Lily Hay|url=https://www.wired.com/2017/05/high-profile-extortion-hacks-arent-paying-off/ |url-access=limited |title=High-Profile Extortion Hacks Aren't Paying Off|date=2017-05-18|magazine=Wired|access-date=2020-04-17|issn=1059-1028 |url-status=live |archive-url= https://web.archive.org/web/20230526215058/https://www.wired.com/2017/05/high-profile-extortion-hacks-arent-paying-off/ |archive-date= May 26, 2023 }}

In 2017, the group broke its trend of hacking and extortion, and began a series of terror-based attacks starting with the Columbia Falls school district in Montana.{{cite web|url=https://nbcmontana.com/news/local/flathead-hackers-found-to-have-history-of-cyber-attacks|title=Flathead hackers found to have history of cyber attacks Led by 77|last=Graham|first=Taylor|date=2017-09-19|website=KECI|access-date=2020-04-17}}{{cite web|url=https://www.cbsnews.com/news/ransom-note-released-after-cyber-threats-to-montana-schools/|title="Ransom note" released after cyber-threats to Montana schools|website=CBS News|date=19 September 2017 |access-date=2020-04-17}} The group sent life-threatening text messages to students and their parents, demanding payment to prevent the murder of children.{{cite news|last=Cox|first=Joseph|url=https://www.thedailybeast.com/dark-overlord-hackers-text-death-threats-to-students-then-dump-voicemails-from-victims|title='Dark Overlord' Hackers Text Death Threats to Students, Then Dump Voicemails From Victims|date=2017-10-05|work=The Daily Beast|access-date=2020-04-17}} These attacks forced the closure of more than 30 schools across multiple school districts, keeping more than 15,000 students home from school for an entire week. During a Senate committee hearing, Senator Steve Daines (MT) referred to these attacks as "unprecedented".

On December 31, 2018, TDO announced the Lloyd's of London and Silverstein Properties "9/11 Papers" hack on Twitter, with thousands of incriminating documents{{cite web|url=https://hpub.org/article-70114//|title=ndex: Hacker group releases '9/11 Papers', says future leaks will 'burn down' US deep state|publisher=HuffpoClub|access-date=13 January 2019}}{{cite web|url=https://hpub.org/article-70106//|title=The Dark Overlord Hackers Threaten To Release TOP SECRET Files of 9/11 Litigation Unless Paid In Bitcoin|publisher=HuffpoClub|access-date=13 January 2019}}{{cite web|url=https://hpub.org/article-70038//|title=Hacker Group Dark Overlord Threatens to Dump Insurance Files Related to 9/11 Attacks|publisher=HuffpoClub|access-date=13 January 2019}} to be released in stages unless US$2,000,000 in bitcoin was paid.{{cite web|url=https://busy.org/@thedarkoverlord/9-11-papers-megaleak-layer-2-checkpoint-08-cyber-cash-for-cyber-cache|title=9/11 Papers Megalink|publisher=Busy.org|access-date=12 January 2019}}

TDO was subsequently banned from many social media platforms, including Twitter, Reddit and Pastebin, and was removed from the front end of an uncensorable blockchain called Steemit.{{cite web | url=https://hiveblocks.com/@thedarkoverlord | title=Thedarkoverlord | Hive }} Platforms unrelated to TDO, such as www.hpub.org, also had their social media accounts eliminated or followers deleted for serving as mirrors of TDO hacked documents.{{cite web|url=https://hpub.org/article-70041/|title=ndex: 9/11 Docs Drop From Dark {{sic|nolink=y|reason=error in source|Overloard}}|publisher=HuffpoClub|access-date=13 January 2019|url-status=dead|archive-url=https://web.archive.org/web/20190114210341/https://hpub.org/article-70041/|archive-date=2019-01-14 }}{{cite web|url=https://anonfiles.com/ebVdf4q9bf/Checkpoint_08_zip|title=Checkpoint 8 |publisher=Anonfiles|access-date=12 January 2019}}{{cite web|url=https://heavy.com/news/2019/01/the-dark-overlord-update-banned-steemit-twitter-reddit/|title=Darkoverlord Banned|date=11 January 2019|publisher=heavy.com|access-date=12 January 2019}}

Arrests

Nathan Wyatt, a member of The Dark Overlord hacking group, was extradited from the UK to the US in December 2019 to face charges in St. Louis for his involvement in the group.{{cite web|url=https://www.ksdk.com/article/news/local/dark-overlord-hacking-group-st-louis-charges/63-4d5d3463-3b32-432c-afbf-e329907a1900|title='The Dark Overlord' hacking group member facing charges in St. Louis|website=KSDK|date=18 December 2019|access-date=2020-04-17}}{{cite web|url=https://arstechnica.com/information-technology/2019/12/alleged-member-of-prolific-dark-overlord-hacking-group-extradited-to-the-us/|title=Dark Overlord taunted, threatened, and extorted. Now alleged member is behind bars|last=Goodin|first=Dan|date=2019-12-19|website=Ars Technica|access-date=2019-12-28}} According to the charges, Wyatt "conspired to steal sensitive personally identifying information from victim companies and release those records on criminal marketplaces unless victims paid Bitcoin ransoms."{{cite web|url=https://www.justice.gov/opa/pr/member-dark-overlord-hacking-group-extradited-united-kingdom-face-charges-st-louis|title=Member of "The Dark Overlord" Hacking Group Extradited From United Kingdom to Face Charges in St. Louis|date=2019-12-18|website=U.S. Department of Justice|access-date=2020-04-17}} In September 2020, Wyatt was sentenced to five years in federal prison on a charge of "conspiring to commit aggravated identity theft and computer fraud" and was ordered to pay almost $1.5 million in restitution.{{Cite web |date=2020-09-21 |title=UK National Sentenced to Prison for Role in "The Dark Overlord" Hacking Group |url=https://www.justice.gov/opa/pr/uk-national-sentenced-prison-role-dark-overlord-hacking-group |access-date=2022-03-06 |website=U.S. Department of Justice |language=en}}

References