However, if what is unfolding today lives up to its billing, we could be looking at the start of one of the most significant piracy leaks of recent times.
Earlier this evening, the first episode of the brand new season of Netflix’s Orange is the New Black was uploaded to The Pirate Bay, months ahead of its official June release date.
So how did this unreleased content fall into the wrong hands?
As seen from the torrent details uploaded to Pirate Bay, the leak is the work of a hacking entity calling itself TheDarkOverlord (TDO). An extraction of the .torrent file’s meta data reveals a 1.1GB file named:
In information sent to TF, the group says that sometime during the closing months of 2016, it gained access to the systems of Larson Studios, an ADR (additional dialogue recorded) studio, based in Hollywood. The following screenshot reportedly from the leak indeed suggests a copy that was in production and possibly unfinished in some way.
After obtained its haul, TDO says it entered into “negotiations” with the video services company over the fate of the liberated content.
“After we had a copy of their data safely in our possession, we asked that we be paid a small fee in exchange for non-disclosure. We approached them on the Eve of their Christmas,” a member of the group previously told us over an encrypted channel.
So who are TDO? According to several security reports, TDO is a fairly prolific hacking group (their spokesman says they are more than one) that has claimed responsibility for a number of attacks in recent months.
One, which targeted construction company Pre-Con Products Ltd, involved the leak of contracts and a video which purported to show a fatal accident. Another, concerning polyurethane and epoxy product company GS Polymers, Inc, resulted in a leak of data after the company reportedly showed a “disinterest” in “working” with TDO. The group has also targeted medical organizations and leaked gigabytes of data obtained from Gorilla Glue.
As is clear from its actions, TDO takes its business seriously and when the group allegedly contacted Larson Studios before Christmas, they had extortion (their word) in mind. In a lengthy business-like ‘contract’ shared with TorrentFreak, TDO laid out its terms for cooperation with the California-based company.
“This agreement of accord, assurances, and satisfaction is between Larson Studios (the ‘Client’) and thedarkoverlord, a subsidiary of TheDarkOverlord Solutions, a subsidiary of World Wide Web, LLC [WWW, LLC] (the ‘Proposer’),” the wordy contract begins.
In section 2 of the contract, headed “Description of Services,” TheDarkOverLord offers to “refrain from communicating in any method, design, or otherwise to any individual, corporation, computer, or other entity any knowledge, information, or otherwise,” which appears to be an offer not to leak the content obtained.
Unsurprisingly, there were a number of conditions. The subsequent section 3 reveals that the “services” come at a price – 50 bitcoins – plus potential late payment fees, at TDO’s discretion.
TDO informs TF that Larson Studios agreed to the pay the ransom and even sent back the contract.
“They printed, signed, and scanned the contract back to us,” the group says.
A copy seen by TF does have a signature, but TDO claims that Larson failed to follow through with the all-important bitcoin payment by the deadline of 31st December. That resulted in follow-up contact with the company.
“A late fee was levied and they still didn’t hold up their end of the agreement,” TDO says.
In an earlier discussion with TDO after the group reached out to us, we tried to establish what makes a group like this tick. Needless to say, they gave very little away. We got the impression from news reports that the group is mostly motivated by money, possibly power, but to remove doubt we asked the question.
“Are you familiar with the famous American bank robber, Willie Sutton?” a spokesperson replied.
“In an interview, he was once asked ‘Why do you rob banks?’ To which replied, ‘Because that’s where the money is.’ It’s said that this exchange led to the creation of Sutton’s law which states that when diagnosing, one should consider the obvious. We’ll leave you to interpret what we’re motivated by.”
Later, the group stated that its only motivation is its “greed for internet money.”
TorrentFreak understands that the leak of this single episode could represent just the start of an even bigger drop of pre-release TV series and movies. TDO claims to be sitting on a massive trove of unreleased video material, all of it high-quality.
“The quality is almost publish quality. One will find small audio errors and video errors like lack of color correction, but things are mostly complete with most of the material,” TDO says.
TheDarkOverlord did not explain what it hopes to achieve by leaking this video content now, months after it was obtained. However, when questioned the group told us that the information shared with us thus far represents just “the tip of the iceberg.”
In the past few minutes the group has taken to its Twitter account, posting messages directed at Netflix who are likely to be watching events unfold.
This is a breaking news story, updates will follow
Update: The group has published a statement on Pastebin.