The DarkOverlord hackers who were previously active on the darknet marketplaces have now hacked WestPark Capital investment bank and demanded ransom or else data will be leaked.
Recently, a Californian investment bank, WestPark Capital came under a threat when it realized that a group of hackers has infiltrated their database. The hackers go by the name of “TheDarkOverlord” and are demanding a ransom if the bank wants them to stop releasing sensitive information.
Information that has already been leaked
Nevertheless, as a proof that the group is not bluffing, it already made public certain files which included the social security numbers of five of the bank’s clients. The information released also consisted of some Non-Disclosure agreements, stock offerings and certain presentation files along with confidential contracts.
Screenshot from the sample data provided by the group.
Upon examination, it has been revealed that due to a weakness in the network security, the hack was made possible. This allowed the network of WestPark to be accessed remotely through different IPs.
Intel’s FlashPoint dedicated to keeps an eye on the darknet released an in-depth analysis [PDF] of the sample data which shows the data is highly sensitive and also pertinent to the following organizations:
WestPark Capital – Business Development meeting agenda
• SC FB HOLDINGS, LLC – Private offerings of Facebook Securities
• Calidant Capital,LLC – Non-disclosure/Non-circumvention agreement
• Houston American Energy Corporation – Share Buyback Agreement (agent)
• AgION, LLC – Background and reputation investigation of the company’s directors
• DivorceForce LLC – Securities Sale Escrow Agreement
• Intra-Asia Entertainment Corporation – Background and reputation investigation of the company’s directors
• JV Holdings, LLC – Recommendation letter from J.P. Morgan Private Bank
• Pivot Pharmaceuticals, Inc. – Non-disclosure/Non-circumvention agreement
• Roth Capital Partners – Underwriter Invitation Wire
• TroyGould Attorneys – Legal paperwork
• Corporate Stock Transfer Rights Agent to Tandon Digital, Inc. – Bank Statement
• WindStream Technologies, Inc. – Executive Investment Summary
• Zyppah, Inc. – Private Placement Memorandum
In a statement to HackRead, Flashpoint researchers said that:
“At the time of this writing, it is unclear if WestPark Capital has complied with criminal demands to protect the remaining clients; however, Flashpoint will continue to closely monitor the situation and will promptly issue updates regarding any new developments.”
The reason behind the attack
It has been reported by the hackers themselves that the attack was made as a result of having an offer rejected by them to the CEO of WestPark, Richard Rappaport. The offer, as stated by the hackers, included a generous business offer that would benefit Mr. Rappaport. However, he rejected the offer and thus the DarkOverlord resorted to such an act. However, they are still willing to hold negotiations if Mr. Rappaport wants to protect his business.
Unless otherwise, the hackers are demanding a ransom of almost $1 million according to one report if they are to be stopped from carrying on their activities. In a statement on Pastebin, the group said:
“We are releasing a select few documents belonging to WestPark Capital located in the Los Angeles, California, United States area. WestPark Capital is a “full service investment banking and securities brokerage firm” whose CEO, Richard Rappaport, spat in our face after making our signature and quite frankly, handsome, business proposal and so our hand has been forced.”
Not the first time for the DarkOverlord
DarkOverlord was also found selling US Healthcare insurance database of 689000 patients for a total price of 770 Bitcoin.
