A notorious hacking group is claiming to have put up for sale stolen legal and other documents relating to the 9/11 terrorist attacks.
The individual(s) known as ‘The Dark Overlord’ claimed in a lengthy Pastebin notice to have hacked insurance giants Hiscox Syndicates and Lloyds of London and World Trade Center developer Silverstein Properties.
The resulting trove of 18,000 documents includes unspecified revelations on the infamous terror attacks of 2001 that killed nearly 3000.
“When major incidents like the WTC 911 incident happen, part of the litigation must involve SSI (Sensitive Security Information) and SCI (Special Compartment Information) from the likes of the FBI, CIA, TSA, FAA, DOD, and others being introduced into evidence, but of course this can't become public, for fear of compromising a nation's security, so they temporarily release these materials to the solicitor firms involved in the litigation with the strict demand they're destroyed after their use and that remain highly protected and confidential to only be used behind closed doors,” the noticed claimed.
“However, humans aren't perfect and many of these documents don't become destroyed, and when thedarkoverlord comes along hacking all these solicitor firms, investment banks, and global insurers, we stumble upon the juiciest secrets a government has to offer.”
Having already released several pretty unremarkable documents in an attempt to prove it means business, the group is seeking Bitcoin donations to publicly disclose more.
It also appealed to terrorist organizations and competing nation states such as China and Russia to bid, playing up to conspiracy theories about the attacks. Additionally, the group is trying to extort money from individuals mentioned in the docs to prevent them being published.
“What we'll be releasing is the truth,” it said. “The truth about one of the most recognizable incidents in recent history and one which is shrouded in mystery with little transparency and not many answers.”
At least part of the claims appears to check out. Hiscox released a statement on Monday saying that although it wasn’t hacked directly, an advisory law firm was back in April 2018, affecting “some of our commercial policyholders and other insurers.”
“One of the cases the law firm handled for Hiscox and other insurers related to subrogation litigation arising from the events of 9/11, and we believe that information relating to this was stolen during that breach,” it explained.
The Dark Overlord has previous when it comes to online extortion, having targeted Netflix, WestPark Capital, the London Bridge Plastic Surgery clinic and other businesses.
However, experts were cautious about the group’s latest claims.
“The problem with these sorts of demands is that there is usually little proof that the threat is as simple as they are suggesting. What’s to say that they even have new evidence?” argued ESET UK security expert, Jake Moore.
“It's like the run of fake sextortion blackmail emails that many people have seen over the last few months, which claim to have footage of intimate moments. We know they aren’t real but there will always be a niggling 'what if' feeling at the back of one’s mind, even with CISOs.”