Scam of the day – October 28, 2017 – Infamous hacking group hacks British plastic surgery clinic

The Dark Overlord an infamous hacking group that has been behind many high profile hackings including the hacking into a production studio connected to Netflix has apparently hacked London Bridge Plastic Surgery (LBPS), one of the leading cosmetic surgery clinics in the UK and is threatening to release the names and photographs of patients of LBPS  including those of genitalia and breast enhancement surgeries.  The services of London Bridge Plastic Surgery has been used by many celebrities and even, supposedly, by members of the Royal family.

At this time an extortion demand has not been made, but, assuming The Dark Overlord follows his usual pattern, a demand can be expected shortly.


This is yet another example of the fact that regardless of how vigilant you are at protecting your privacy, you are only as secure as the places with the weakest security that have your personal data, photographs or anything related to you.  The key, in particular, when you do business with any person, company or other entity that will have anything you would want to keep private, is to inquire as to what they do to protect your privacy and security.  Too many companies and other entities fail miserably at taking basic security precautions including encryption.

Scam of the day – June 26, 2017 – Despite receiving ransom, hackers leaked “Orange is the New Black”

I first reported to you in May first’s Scam of the day of the hacking of Larson Studios by the hacking group thedarkoverlord, which demanded a ransom or else they threatened to release the latest season of the Netflix series “Orange is the New Black.”  Larson Studios is a post-production company that works on many Hollywood movies and television shows. Now in an interview with Variety Magazine, Larson Studio’s Vice President, Jill Larson is saying that Larson Studios paid the demanded 50 Bitcoin ransom, but that thedarkoverlord released the fifth season of “Orange is the New Black” regardless, indicating that it did so because Larson Studios had violated their agreement by contacting the FBI.

Thedarkoverlord has performed a number of other ransomware attacks including one in which it hacked a small Indiana charity from which it demanded a ransomware of 50 bitcoins that the charity refused to pay and consequently had its data destroyed.


This story points out the fact that even if you pay a ransom, there are no guarantee that the cybercriminals will honor their bargain.   A recent study done by Spiceworks found that of small to medium businesses who paid a ransom after being hacked with ransomware, 45% did not get their data restored.

The key to not becoming a victim of a ransomware attack is to prevent it in the first place.  Generally, the malware is installed unwittingly by victims when they are lured through phishing and spear phishing emails to click on links infected with the malware.  Never click on links in emails or text messages regardless of how legitimate they may appear until you have verified that it is legitimate.  You should also install anti-phishing software.

It is also important to not only have anti-malware software installed on all of your electronic devices, but to make sure that you update the security software with the latest security patches and updates.  Many victims of ransomware have fallen victim to strains of ransomware for which there are already security software available to thwart it.   Finally, always back up your computer’s data daily, preferably in two different ways in order to protect your data in the event you do become a victim of ransomware.

Ransomware continues to be a growing threat to individuals, large and small companies as well as government agencies, all of which have been targeted by ransomware.  Ransomware malware is readily available for unsophisticated cybercriminals to purchase on the Dark Web. While in the past, the typical manner in which it has been used was to encrypt the data of the target and refuse to release the data back to the victim unless a ransom was paid, the scam has evolved to also include threats of making stolen data public as was done in this instance.

Some older strains of ransomware can be defeated through software that can recover data encrypted by older ransomware programs.  In 2016 through the efforts of international law enforcement organizations and private security companies, the website No More Ransom was launched on which victims of ransomware can go to get decryption tools for many strains of ransomware for free.  Thousands of people have utilized this tool to decrypt their files after a cyber attack  without having to pay a ransom.  Unfortunately, however, there are some newer forms of ransomware for which there are no known decrypting tools developed yet.

Scam of the day – June 8, 2017 – Steve Harvey’s new show hacked

In the last month I have told you about the hacking exploits of a group of hackers who call themselves thedarkoverlord.  In May, nine episodes of the popular Netflix original series, “Orange is the New Black” were posted by them on a publicly available file when their extortion attempt failed. They also claimed to have stolen the most recent  sequel in the successful Pirates of the Caribbean movie series, but this turned out to be a hoax. This type of extortion can only be expected to grow as hackers attack the weakest links in movie and television program development.  In the case of Orange is the New Black and other television shows, the weakest link was a post production studio, Larson Studios.

Now they have released eight episodes of what they say are stolen episodes of the new Steve Harvey show “Steve Harvey’s Funderdome” which will be premiering on ABC on June 11th.


If a bootleg movie or television show is posted online I strongly urge you not to download it.  In addition to the morality and ethics of not participating and encouraging this type of crime, you also run the risk of downloading various types of malware including ransomware and keystroke logging malware that can lead to your becoming a victim of identity theft if you go to the rogue websites where you can find this material.