Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

‘Dark Overlord’ Hacker Sentenced to 5 Years in Prison

A United Kingdom national who was a member of ‘The Dark Overlord’ hacking group was sentenced to five years in federal prison, the United States Department of Justice announced this week.

A United Kingdom national who was a member of ‘The Dark Overlord’ hacking group was sentenced to five years in federal prison, the United States Department of Justice announced this week.

The man, Nathan Wyatt, 39, was extradited to the United States in December 2019. On Monday, he pleaded guilty to participating in activities associated with The Dark Overlord, a threat group that hacked US and UK companies to steal data and hold it for ransom.

Wyatt admitted in a U.S. district court in St. Louis that, starting 2016, he operated as a member of the hacking group known as The Dark Overlord, which compromised the networks of multiple companies, including those in the financial, healthcare, legal, film, and other sectors.

The group, Wyatt admitted, stole sensitive data from the targeted companies, including personal information and patient medical records. The hackers then threatened to make the data public unless ransom amounts ranging between $75,000 and $350,000 were paid, in Bitcoin.

In a 2017 indictment, Wyatt was charged with setting up phone and email accounts that The Dark Overlord group used to send threatening messages to victim companies.

Wyatt admitted in court to “creating, validating, and maintaining communication, payment, and virtual private network accounts” that the hacking group used as part of their scheme.

Prior to being extradited to the US, Wyatt served 14 months in a UK prison, after he pled guilty in a separate indictment related to blackmail, the use of stolen card data, and possession of a fake passport.

Wyatt, St. Louis local media reports, apologized during the Zoom-held hearing, saying he suffered from mental problems. He also said he is now on medication.

Brocca Morrison, his lawyer, pointed out that, although he participated in the scheme, he did not orchestrate it and is the only hacker to have been identified so far.

“Nathan Wyatt used his technical skills to prey on Americans’ private data and exploited the sensitive nature of their medical and financial records for his own personal gain. Today’s guilty plea and sentence demonstrate the department’s commitment to ensuring that hackers who seek to profit by illegally invading the privacy of Americans will be found and held accountable, no matter where they may be located,” Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division said.

Related: Moderator of AlphaBay Dark Web Marketplace Gets 11 Years in Prison

Related: Man Sentenced to 5 Years in Prison for DDoS Attacks

Related: Developer of DDoS Botnets Based on Mirai Code Sentenced to Prison

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.