Is The Dark Overlord’s days numbered?
Serbian police have arrested a man suspected of being a member of the notorious and high profile hacking and extortion group.
The Dark Overlord has made quite a name for itself in recent years by not just stealing sensitive information from compromised computer networks, but also demanding a ransom be paid.
What happens if you choose not to pay the ransom? Well, The Dark Overlord threatens to release the stolen data to the media, or simply publish it openly on the internet. And that’s the kind of attention that few organisations are wanting.
The hacking group is thought to have made hundreds of thousands of dollars through its extortion attempts.
The 38-year-old man, who the authorities have not named other than by his initials (“S.S”), was arrested by police in Belgrade as part of a joint operation with the FBI.
Of course, with the information made available so far it’s very difficult to say if this is the end of the line for The Dark Overlord’s operations. We simply do not know how many people are involved in the hacking gang, or what position the arrested man is thought to have had within the group.
As a consequence it’s quite possible that we may continue to see other hacks (and extortion attempts) carried out under the banner of “The Dark Overlord”, whether it be the same group or by copycats trying to take advantage of the gang’s notoriety.
Sure enough, Joseph Cox at Motherboard reports that since the arrest of “S.S” he has been contacted by someone who has access to The Dark Overlord’s email account with a simple stark message:
“We”re still here”
But one thing is certain, Other members of The Dark Overlord hacking collective must be having some sleepless nights right now, wondering if they might be the next to get a surprise visit from the authorities.
For now, my advice to businesses remains the same. Educate your staff about phishing scams, put strong authentication in place, patch against vulnerabilities and adopt a layered approach to security to reduce the risk that your company will be hacked, and the privacy of your customers put at risk.