‘Dark Overlord’ Hackers Leak Student Data After Sending Death Threats

On October 2nd, an unknown group sent death threats to an Iowa based Johnston Community School District forcing it to close some of its schools. The messages sent to parents via text included physically harming their kids and even killing them.

According to an official statement from Johnston Community School District “Around 8 p.m. on the evening of October 2, individual students and parents within our school district received anonymous messages, threatening the safety and security of our students. In an effort of caution, we will be canceling school for all students and district staff on Tuesday, October 3. All district buildings will be closed, and there is no KTC program.”

Now, reportedly, Dark Web hacking group going by the handle of Dark OverLord has claimed responsibility for sending threats. Not only that, the group has also leaked personal data of students that includes student names, telephone numbers, addresses, and voicemails.

The Dark OverLord works in a way where it first looks for zero-day vulnerabilities in the targeted system, breaches it then holds data for ransom. In some cases, the group demands money from large enterprises which have in the past included Netflix and WestPark Capital Bank.

Last year, the same group was responsible for selling multiple US healthcare insurance database containing information of 655,000 patients on the dark web. About four months ago, The Dark Overlord stole Netflix’s Orange is the New Black Season by exploiting a security flaw in Windows operating system used by Hollywood-based Larson Studios and threatened to leak it online if their demands were not met.

Some targeted victims involved the Federal Bureau of Investigation (FBI) to solve the issue which the group took as an offense. “We’re escalating the intensity of our strategy in response to the FBI’s persistence in persuading clients away from us,” The Dark Overlord, told The Daily Beast.

In the case of Iowa, the group claimed to hack Johnston Community School District and stole a trove of data allowing it to access personal and contact details of students which further led the sending of threatening messages to parents.KCCI reported that one of the messages sent out to a family stated that “I’m going to kill some kids at your son’s high school.”

Last month, the group also targeted other schools in the United States including Texas school district and a Montana district details of which were published on Pastebin for public access.

With every new day, hackers are getting sophisticated in identifying zero-day flaws which allows them to conduct their attack further. Schools and other educational institutes should hire cybersecurity firms to analyze threats surrounding officials and students.

More: Attacker demands ransom after series of DDoS attacks on Poker site

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.