Tech

Ransomware gang threatens release of ‘Top Secret’ documents from U.S. Marshals (updated)

The hackers claim to have obtained 327,268 files from the law enforcement agency.

Photo of Mikael Thalen

Mikael Thalen

US Marshalls looking at hacker and top secret documents

A ransomware gang claims it has hacked data from the U.S. Marshals Service and is threatening to release “Top Secret” documents.

Featured Video

In a recent post to its site on the dark web, the cybercrime group known as Hunters International added the law enforcement agency to its list of alleged victims, alongside a countdown timer set for roughly two days.

https://twitter.com/DailyDarkWeb/status/1828130288289124543

The threatened data leak comes after the U.S. Marshals Service suffered a ransomware attack in February 2023.

Advertisement

In statements to media outlets, the U.S. Marshals Service appeared to imply the data is from the previous hack.

U.S. Marshals Service spokesman Brady McCarron declined to reference the data’s legitimacy but noted that it did not appear to have come from “any new or undisclosed incident.”

The data, according to sources who spoke with Recorded Future News, “is identical” to the information stolen from the U.S. Marshals Service in February of last year

It’s possible that Hunters International purchased or obtained the data from that breach, which has never been previously released, and is now selling it. No ransomware gang ever took credit for the initial incident and the agency did not disclose at the time whether it knew the group behind the attack.

Advertisement

The posting, as viewed by the Daily Dot, claims that 386 GB of data, made up of 327,268 files, were obtained in the breach. Screenshots of the purported data suggest the leak includes dossiers on gang members and their mugshots, files marked “Confidential” and “Top Secret,” as well as files from the FBI.

One such top-secret document appears to be a report from the Organized Crime Drug Enforcement Task Group. A document under the FBI label is listed as a white paper on Instagram from the National Domestic Communications Assistance Center, a hub containing collective technical knowledge and resources of law enforcement.

Other screenshots reference electronic surveillance, ongoing cases, and documents related to “Operation Turnbuckle,” the name of a law enforcement effort that saw the takedown of alleged drug traffickers in 2022.

The posting does not indicate that the criminal organization encrypted any files belonging to the U.S. Marshals Service, but instead, based on the countdown timer, is seeking a ransom from the government entity in order to not leak or sell the data.

Advertisement

Internet culture is chaotic—but we’ll break it down for you in one daily email. Sign up for the Daily Dot’s web_crawlr newsletter here. You’ll get the best (and worst) of the internet straight into your inbox.

 
The Daily Dot