The Dark Overlord (TDO): Big Deal or Bogus?

1. thedarkoverlord: a hacking group that has done a couple of minor breaches with major media and intel agency attention. Probable Limited Hangout Operation. Considering their main advertisers are intelligence agencies they are likely assets/fronts of those intelligence agencies. Add to that the longwinded articles and referring to themselves as a “Professional Adversarial Threat Group” which is intelligence community jargon.
2.  
3. Databreaches.net seems like their primary booster/press cut-out.
4.  
5. GCHQ notice
6. https://www.ncsc.gov.uk/report/weekly-threat-report-3rd-november-2017
7. https://archive.fo/zmv0c
8.  
9. FBI notice
10. https://info.publicintelligence.net/FBI-CyberCriminalsSchools.pdf
11. https://web.archive.org/web/20181108133344/https://info.publicintelligence.net/FBI-CyberCriminalsSchools.pdf
12.  
13. Motherboard profile
14. https://motherboard.vice.com/en_us/article/ae5w7a/meet-the-hackers-holding-netflix-to-ransom
15. https://archive.fo/IIHDl
16.  
17. Washington Post article
18. https://www.washingtonpost.com/news/answer-sheet/wp/2017/10/26/education-department-warns-of-new-hacker-threat-as-dark-overlord-claims-credit-for-attacks-on-school-districts/??noredirect=on
19. https://archive.fo/Tjy00
20.  
21. Commercial insurance hack
22. http://www.globallegalpost.com/big-stories/us-law-firm-hack-hits-global-insurer-15490236/
23. https://archive.fo/QCMQU
24.  
25. Billings Gazette article
26. https://billingsgazette.com/news/local/after-columbia-falls-hack-that-closed-schools-experts-call-for/article_e3a8584e-cd15-5f19-a4e0-37bc2dbb2a1c.html
27. https://archive.fo/ZiztU
28.  
29. Flathead Beacon article that reports Senator Daines asking FBI director Wray about them.
30. https://flatheadbeacon.com/2017/09/27/daines-raises-concerns-cyber-terrorism-fbi-director/
31. https://archive.fo/blxg9
32.  
33. Bragging interview
34. https://www.databreaches.net/exclusive-government-attempt-to-compromise-us-with-nit-failed-thedarkoverlord/
35. https://archive.fo/jQ4Dq
36.  
37. Older hacks
38. https://www.databreaches.net/wp-content/uploads/About-Us-Caribbean-Island-Properties.pdf
39. https://www.databreaches.net/wp-content/uploads/TDO.pdf
40.  
41. Contracts
42. https://pastebin.com/uhmBuqij
43. https://archive.fo/YmCNK
44. https://pastebin.com/BRku4RbJ
45. https://archive.fo/2YtIv
46.  
47. Press release
48. pastebin.com/4F5R8QyQ
49. https://archive.fo/1nRLt
50.  
51. “Signed message” for 4chan thread
52. pastebin.com/0uBSX3Zw
53. https://archive.fo/4lDgE
54.  
55. “Official” Twitter account
56. https://twitter.com/tdo_h4ck3rs
57. https://archive.fo/EmJWs
58.  
59. They list their parent company as World Wide Web, LLC. Probably bogus, but two such companies exist.
60. Hawaii: Defunct computer consultant that is now a click farm website.
61. https://www.bbb.org/us/hi/kihei/profile/computer-consultant/world-wide-web-llc-1296-53046806
62. http://mauiseo.com/
63. https://archive.fo/plloI
64.  
65. Dubai
66. https://www.atninfo.com/details.html?selCriteria=company&val=323824
67. https://archive.fo/CJHar
68. http://dubai.classonet.com/World-Wide-Web-LLC
69. https://archive.fo/YWjtm
70. http://wwidew.com/
71. https://archive.fo/Tqhlx
72.  
73. TOR URL
74. kickassugvgoftuk.onion
75.  
76. PGP Key
77. 0x64563922b573dd1b
78.  
79. Email address
80. tdohackers@protonmail.com
81. tdohackers@protonmail.com
82. Backup1 Email address
83. thedarkoverlord@msgsafe.io
84. Backup2 Email address:
85. thedarkoverlord@torbox3uiot6wchz.onion
86. Unlisted/Defunct Email address
87. michael.rooler@protonmail.com
88. Make your own at (www.torbox3uiot6wchz.onion)
89.  
90.  
91. Possible Michael Rooler(s)
92. https://www.facebook.com/people/Michael-Rooler/100003548597007
93. https://id-id.facebook.com/people/Michael-van-Rooler/100001919086669