Thedarkoverlord (TDO) has breached yet another company this week, though at this time they are no longer requesting a ransom for the information. TDO breached servers belonging to Channel Ship Services, who provide armed security aboard maritime vessels around the world. According to the group, they have accessed employee data, customer data, and shipping routes for vessels utilizing Channel Ship Services security. According to a statement made by TDO they are debating selling the information to pirates in various areas around the world, and to other criminal organizations. TDO apparently had breached the company’s servers nearly one month ago and attempted to ransom the data at that time, but Channel Ship Services took too long to pay. It is possible that Channel Ship Services was attempting to slow play the negotiations so that the compromised shipping routes could be adjusted or become useless for the ships who were able to make port–protecting both the crews, the customers, and their employees. Shortly after posting about Channel Ship Services, Twitter suspended TDO’s account, the group is retaliating by planning to release a copy of a warrant served to Twitter by the Federal government in an attempt to collect data on the person running the TDO account.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased