DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

TheDarkOverlord v2.0: now with threats of physical violence?

Posted on September 18, 2017 by Dissent

You may have never heard of Flathead Valley in Montana. I’ll admit that I had never heard of it until tonight when I received a tip to go look at a post on their sheriff’s Facebook page.  And that’s when I learned that Flathead County schools had not only been hacked and threatened if they didn’t pay the hackers, but parents had received messages threatening to kill their children.  The threats were taken seriously enough that 30 schools were closed for days while the county and federal law enforcement investigated the threats.

We are now in the realm of TheDarkOverlord v2.0, it seems.

For those who, like this blogger, have followed the criminal activities of TheDarkOverlord, reading a report of them thoroughly hacking an entity and then writing a lengthy demand letter threatening to expose confidential files or personal information – well, that’s nothing new. But contacting parents of school children and threatening their children’s physical safety?

It is TheDarkOverlord on steroids, at the very least.  But is it a real threat?

As The Flathead Beacon reported after the situation escalated:

The individual apparently gained access to the Columbia Falls School District’s electronically stored directory and began contacting and threatening families individually.

How do you terrorize an entire community? You raise the spectre of Sandy Hook. And you show that you know details about the children and the school.


Read the ransom letter.


TheDarkOverlord are masters at doing their research, and were aiming to create significant terror in their targets. I think it’s pretty clear that they accomplished that – at least in the short-term. But is this approach likely to result in more payments from victims, or has TheDarkOverlord misunderstood the psychology of its intended victims? There is certainly no indication that Flathead Valley will be paying them any money.

What the people of Flathead County may not know, but what law enforcement should certainly know, is that this is not the first time TheDarkOverlord has threatened physical violence against a victim. DataBreaches.net is not reproducing an earlier threat missive, but it, too, was designed to terrorize its target by threatening physical violence against the victim’s family. And the Flathead case is not the first case where TheDarkOverlord has contacted its victims by phone or SMS to threaten them or deliver obscenity-laden messages.

And maybe that’s the first thing law enforcement could have done to reassure the community: to recognize from the style and writing that this was/is the work of TheDarkOverlord and they’ve threatened physical violence before but never followed up on it – at least, not to date.

Of course, if TheDarkOverlord is really outside of the U.S., as the sheriff apparently told the community, then actual physical violence seems less likely. But should the county be telling the public that TheDarkOverlord is outside of the U.S.? It’s a reasonable hypothesis, but do they actually have any hard proof of that? If they don’t have actual proof, wouldn’t it be more honest to say, “We believe that they’re outside of the U.S.” than to assert that they are?

I am all for reassuring a nervous public. I am not for lying to them to reassure them. So DataBreaches.net sent two queries to the Sheriff’s office. The first question asked why the public was being told that TheDarkOverlord is outside of the U.S. – if law enforcement has actual hard proof of that – and if not, why the public are being told that they are?

The second question asked why law enforcement is telling the public that TheDarkOverlord has a history of often failing to keep their promises. The Flathead Beacon reported:

Curry said all indications are that the hackers do not fulfill their promises if people do pay the ransom.

“We have also discovered that they have frequently failed to live up to their promises to not release the stolen data in the past, even when their ransom demands have been met,” Curry said.

“All indications?” “Frequently failed to live up to their promises?” What does the sheriff know that I don’t? This site is aware of only one incident in which TheDarkOverlord dumped data after victims made the required payment – the Larson Studios incident. On what basis is Sheriff Curry stating that “all indications” are that the hackers do not fulfill their promises?

I am obviously not suggesting that the county (or any victims, for that matter) should pay any ransom or extortion demand by TheDarkOverlord. I just want to see some data that supports any government statements in this case. Law enforcement is welcome to contact me to discuss these questions. This post will be updated if I get a response from the sheriff or someone in law enforcement involved in the case.

In the meantime, the  Flathead Beacon has done a truly admirable job of reporting on the situation as it has evolved, and you can get caught up on the details by reading their reports (in reverse chronological order, below:)

  • Authorities: Overseas Hackers Seeking to Extort Community with Cyber Threats
  • Flathead County Schools to Resume Classes Tuesday Following Cyber Threats
  • Authorities Communicating with Suspect in School Threats Investigation
  • Flathead Valley Schools Closed Friday, Events Canceled Through the Weekend
  • Flathead Valley Schools to Remain Closed Friday Amid Threat Investigation

 

Related posts:

  • Kept in the Dark — Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden
  • No holds barred? TheDarkOverlord threatens students with physical violence to send FBI a message to back off
  • Did Columbia Falls Schools treat an extortion payment made to TheDarkOverlord as a dirty little secret?
  • Did a media blackout on reporting on TheDarkOverlord allow them to mushroom in the dark?
Category: Breach IncidentsCommentaries and AnalysesEducation SectorHackOf NoteU.S.

Post navigation

← Data breach made public, Ridgeview says it exposed some email addresses
Equifax admits it had another breach 5 months before the one it disclosed →

3 thoughts on “TheDarkOverlord v2.0: now with threats of physical violence?”

  1. Anonymous says:
    September 19, 2017 at 6:43 am

    Weak.

    Anyone can hide behind several proxies and firewalls and say stuff like this. But, to actually try it… No, that would take actual balls. Obviously, TheDarkOverlord had no balls within several miles. Of course, I wouldn’t expect any more from cyber terrorists. Pathetic loser(s).

    By the way, DarkOvaries (I like that name better), come on over with your “elite training” (most likely from Call of Duty) that you threatened the kids with. We’ll show you what real elite training looks like. In fact, let me know when you land and I’ll be the first to meet you.

    1. Anonymous2 says:
      September 19, 2017 at 2:53 pm

      +1

      1. Anonymous says:
        September 25, 2017 at 3:10 am

        +2

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.