Thedarkoverlord releases more 9/11 files, KickAss Forum seized by law enforcement?

Updated: After this post was published, other information became available suggesting that law enforcement may not have taken down KickAss and that the seizure notice placed on that url may have either been placed by KickAss or by some third party or parties. See updates at the bottom of this post. This is obviously a developing story. 🙂

After a few days in which thedarkoverlord did not appear in public, the criminal hackers reappeared today to release more files from 9/11.

In a post on Steem, that is available on the busy.org frontend, they wrote, in part:

Hello, world. As you’re well-aware, we designed a compensation plan that would allow for the public crowd-funding of our organisation in order to permit the public disclosure of our “9/11 Papers” in the interest of the public. Part of this plan was to create a tiered escalation plan that would result in multiple layers and milestones (which we’re calling checkpoints) to ensure the powers at be are being properly bent over a barrel. We’ve said it before, and we’ll say it again: we’re financially motivated, and you (the public) has spoken to us in our language (internet money, specifically Bitcoin). Remember, continuing to fund our wallet will continue to keep us motivated to help break the truth to the world by open-sourcing what we’re calling the “9/11 Papers”. To create a bit more buzz, we’ve decided to continue forward and release the decryption key for Layer 2.

A quick skim of some Layer 2 files indicates that they contain a lot more of the litigation and subrogation files, but they are also starting to get into some other interesting reports relating to the FBI and CIA investigations.

Those who have followed actor James Wood’s activism and tweets on Twitter will likely be interested in a file that concerns him. In January, 2002, a memo was created by Todd A. Scharnhorst of Blackwell Sanders Peper Martin that said:

As a clarification to a prior memo, James Woods, a Hollywood actor, was riding in First Class with four men of Middle-Eastern dissent. He was on an American Airlines flight from Boston to Los Angeles. He thought the men were acting very suspiciously. None of them had anything to eat or drink, they did not read, sleep, nor did they appear to make themselves comfortable. They sat in their seats and stared straight ahead, occasionally “whispering something to one another with inaudible tones.” Woods thought the behavior was odd. He reported it to the flight attendants. He then reported it to the ground crew. Should this have put American Airlines on notice (should they have at least done some type of investigation into the four Middle-Eastern passengers)? As it turns out, it appears the four passengers were four of the hijackers who took over that same flight and crashed it into the World Trade Center. It appears James Woods witnessed a “dry run” of their terrorist takeover.

I need to find time to do more reading in this layer.

In the meantime, and in other news concerning thedarkoverlord, not only did they become the first entity ever banned from Steem (or so they tell me, but I’ve seen others who claimed to have been banned, too), but in a joint law enforcement operation, the Kickass Forum where they were posting their offerings and other information was appeared to have been seized today (see UPDATES).

The notice says:

THIS HIDDEN SITE HAS BEEN SEIZED

as part of a joint law enforcement operation by

the Federal Bureau of Investigation, ICE Homeland Security Investigations,

and European law enforcement agencies acting through Europol and Eurojust

in accordance with the law of European Union member states

and a protective order obtained by the United States Attorney’s Office for the Southern District of New York

in coordination with the U.S. Department of Justice’s Computer Crime & intellectual Property Section

issued pursuant to 18 U.S.C. 983(j) by the

United States District Court for the Southern District of New York

So what hack or criminal activity did they allegedly conduct within the Southern District of New York? Was this a biomedical research firm? Was it Aesthetic Dentistry? Was it some victim that we may not even know about or that I’ve simply forgotten?

As Bits&Digits commented on Twitter, in noting the seizure of the forum:

And like that…. # KickAss the forum that # tdo_h4ck3rs allegedly ran, is down and out. Now, this criminal organization has to make a choice to cut and run or play the gamble. Never a good sign to have your site seized, so much evidence.

So will they cut and run or will they play the gamble? Mainstream media has not been reporting on them for the most part, Twitter banned them, Steem banned them, and now the forum that was part of their communication strategy was seized. And the fact that it was seized by order of the Southern District of New York probably means that there is a sealed complaint, too. But all that said, I don’t think we’ve seen the last of them.

Update 1: AnonFiles, a file-sharing service that thedarkoverlord has used to share files from 9/11 and other hacks, is now down. Nathan Dimoff broke the news about AnonFiles on Twitter, and I just took a screenshot to confirm it:

Holy crap, Batman….. there is some serious efforts afoot to stop thedarkoverlord. Stay tuned…

Update 2: This is intriguing. AnonFiles is back up and Vinny Troia is claiming that the KickAss seizure notice is a fake and that KickAss just went private on another url. Other sources tell me that the seizure notice does NOT appear to be by law enforcement, but that it may not have been posted by KickAss or TDO, either.

When asked about the current situation and risk to users of visiting either site, J. Tate from bits&digits told me,

“I wouldnt trust anything that the intergrity seems to be compromised in. Whether or not there is evidence to support the claims at this moment. All OPSEC engineers know, that in these situations with a multitude of symptoms —safer is to step back.”

So I won’t be going to AnonFiles any time soon… or that KickAss onion url, I guess.