Tuesday, 25 October 2016 07:30

TheDarkOverlord Hacked WestPark Capital Bank and Demanded Ransom


One of the main issues that affect Information and Communication networks today is the increasing prevalence of cybercrimes.

Cybercrimes are deliberate efforts to access and leverage information technology networks by unauthorized parties primarily for unlawful reasons.

The main motivation behind cyber-attacks is often damage, sabotage, ransom or theft.

In September 2016, The Los Angeles Times published a report about a hacking incident on WestPark Capital, an investment bank based in Los Angeles, California. 

The hacking attack was orchestrated by the hacking group known as TheDarkOverlord, which has leaked around 20 documents online.

According to reports, the CEO of WestPark Capital, Richard Rappaport, declined to pay the initial ransom that the hacking group requested.

This decision prompted TheDarkOverlord to release the files, and the group threatens to disclose much more if its demands are not met.


At the moment, the real identity of TheDarkOverlord remains unknown. It is not even clear whether this entity is a group of hackers or a lone hacker.

TheDarkOverlord, conveniently named after a comic book villain, came into the public limelight when the hacking group attempted to extort healthcare facilities in June this year.

The hacking group claimed to have stolen 10 million patients’ insurance records including three medical databases containing information relating to more than 600,000 patients. The data contained everything from social security numbers, contact information, and addresses to medical records and insurance coverage.

TheDarkOverlord threatened to sell this information on the online black market if the ransoms were not paid.

The ramifications of this data breach were significant as the information could be easily used for criminal activities including fraud and identity theft.

True to their word, the hacking group did put the information on offer in batches going upwards from $100,000.

These events earlier this year show that TheDarkOverlord is serious about leaking WestPark Capital’s data.

During the healthcare systems hack, this hacking group apparently called a number of the patients and informed them that their information was going to be leaked or sold online.

A journalist who communicated with the hacker through an encrypted chat attested to this.

As such, the data breach at WestPark Capital could have serious consequences for the affected parties.


The WestPark Capital hacking incident reveals a worrying direction in cybercrime.

TheDarkOverlord released about 20 files containing background checks on key individuals, Social Security numbers, non-disclosure agreements, contracts, reports, internal presentations, and private stock offering information.

According to estimates by John Bambenek, the initial ransom that the hacking group demanded was more than $1 million.

Bambenek is the threat systems manager for Fidelis Cyber Security.

This amount could be the “handsome proposal” made to Richard Rappaport that TheDarkOverlord was referring to during their online chat with Motherboard.

The bank’s failure to pay this amount is probably the motivation behind the hacking group’s leaks.

It is relatively safe to assume that investigations are currently underway to find out exactly how the hacking group managed to execute the data breach.

According to a report by FTSE Global Markets, Jamie Moles, a cyber-security consultant, speculates on the possible weak link that could have facilitated the hack.

Moles pointed to the network perimeter security implemented by WestPark Capital.

The investment bank’s failure to limit the number of IP addresses authorized to access their network remotely could have been their undoing.

The hacking group themselves stated that their access to WestPark’s data was aided by vulnerabilities in Microsoft Remote Desktop Protocol, lending credibility to Jamie Moles’s speculations.

However, without conclusive data from the investigations, the hacking methodology remains open to debate.

This attack stands out as it adds to this year’s trend in online extortion.

For some time, institutions have mostly been focusing on ransomware attacks. In a ransomware attack, cybercriminals encrypt company data and demand a ransom for its decryption.

While these types of attacks can be mitigated through backup systems and other cyber security measures, an attack like the one on WestPark Capital, in which data is stolen, is much more difficult to manage.

Since hacking groups like TheDarkOverlord usually threaten to damage a company’s reputation, payment of the ransom would be the path of least resistance for many organizations.

It seems like cybercrime is getting more and more sophisticated and may prove to be a major networking pain point in years to come.

Source: darkwebnews
