Hacker group launches cyberattack campaign against lawyer firms

Russian-speaking hackers breach 97 websites, many of them dating ones

Dark Overlord hackers have pledged to leak information related to the 9/11 terrorist attacks in New York

As the world prepared to receive the New Year, the hacker group known as The Dark Overlord made a statement that took the whole cybersecurity community by surprise because, according to specialists from the International Institute of Cyber Security, this group of hackers claims to have stolen a huge amount of data from the legal firm Hiscox Syndicates LTD, a company responsible for the management of insurance policy files related to the attacks of September 11, 2001.

The incident was discovered after a Pastebin ad appeared online; in it, it was mentioned that, in addition to the attack against Hiscox Syndicates, the hackers also attacked the organizations Lloyds of London and Silverstein Properties.

In addition, hackers claim that Hiscox and Lloyds of London “are the largest insurance companies in the world.” After explaining their motives for attacking legal and insurance firms, hackers demanded a ransom payment in Bitcoin and threatened to leak sensitive information related to the 9/11 terrorist attacks if their demands were not fulfilled.

According to specialists in cybersecurity, the stolen data include email addresses, non-disclosure agreements, accountability analysis, litigation strategies, agreements, testimonials, exchanges of information with public officials from all over the world, etc.

According to Pastebin publication of The Dark Overlord, the Hiscox firm was aware of the cyberattack and even made a first payment for the rescue of the information, but failed to comply with the cybercriminals’s demands by notifying the authorities of the incident.

“After a few months we discovered that law enforcement agencies had been involved in this issue thanks to an informant. Even after this violation of our agreement we decided to give the legal firm a second chance to meet our demands. Because they refused to accept this new offer, we decided to act this way”, mentions the post of the hacking organization.

To demonstrate their claims, The Dark Overlord published 16 screenshots showing fragments of internal communication from Hiscox Syndicates, in addition to publishing a download link, which apparently contains 10 GB of encrypted data, whose decryption keys will be published later, according to the group of hackers.

“If you are one of dozens of law firms that participated in the litigation, a politician who was involved in the case, an investment bank, etc., you can contact us through our email to request that you formally withdraw your documents and materials of any possible public disclosure in exchange for a payment,” mentions the Pastebin post.

According to experts in cybersecurity, The Dark Overlord group is a well-known hacking organization identified primarily for its attacks against banks, insurers, cosmetic surgery clinics, companies like Netflix, etc.

In May 2018, law enforcement agencies in Serbia arrested a 38-year-old man, born in Belgrade, pointing him as a suspect of being one of the main members of The Dark Overlord. However, due to this recent attack campaign the specialists deduce that it has not been possible to shut down this organization, showing that The Dark Overlord is still active.