Wellingborough man jailed for role in 'The Dark Overlord' hacking group

A Wellingborough man has been sentenced to five years in federal prison after pleading guilty to conspiring to commit aggravated identity theft and computer fraud.

US District Judge Ronnie White for the Eastern District of Missouri sentenced Nathan Wyatt, 39, of Wellingborough who participated in a computer hacking collective known as 'The Dark Overlord,' which targeted victims in the St. Louis area beginning in 2016.

Wyatt was extradited from the UK to the Eastern District of Missouri in December 2019.

Judge White also ordered Wyatt to pay $1,467,048 in restitution.

Following sentencing this week, Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division said: “Nathan Wyatt used his technical skills to prey on Americans’ private data and exploited the sensitive nature of their medical and financial records for his own personal gain.

"Today’s guilty plea and sentence demonstrate the department’s commitment to ensuring that hackers who seek to profit by illegally invading the privacy of Americans will be found and held accountable, no matter where they may be located.”

USAttorney Jeff Jensen of the Eastern District of Missouri said: "The Dark Overlord has victimised innumerable employers in the United States, many of them repeatedly.

“I am grateful to the victims who came forward despite ransom threats and to the prosecutors and agents who were the first to catch and punish a member of The Dark Overlord in the United States."

Special Agent in Charge Richard Quinn of the FBI’s St. Louis Field Office said: “Cyber hackers mistakenly believe they can hide behind a keyboard.

“In this case, the FBI demonstrated once again that it will impose consequences on cyber criminals no matter how long it takes or where they are located.”

Wyatt admitted that, beginning in 2016, he was a member of The Dark Overlord, a hacking group that was responsible for remotely accessing the computer networks of multiple U.S. companies without authorisation.

Victims in the Eastern District of Missouri included healthcare providers, accounting firms, and others.

Wyatt admitted that The Dark Overlord co-conspirators acted by obtaining sensitive data from victim companies, including patient medical records and personal identifying information, and then threatening to release the companies’ stolen data unless the companies paid a ransom of between $75,000 and $350,000 in bitcoin.

Wyatt further admitted that he participated in the conspiracy by creating, validating, and maintaining communication, payment, and virtual private network accounts that were used in the course of the scheme to, among other things, send threatening and extortionate messages to victims within the Eastern District of Missouri.

The investigation was conducted by the FBI’s St. Louis Field Office with support from the FBI’s Atlanta Field Office.

The Justice Department’s Office of International Affairs coordinated the extradition of Wyatt.

Law enforcement authorities in the UK, including the Metropolitan Police Service, have been thanked for their substantial assistance in the investigation.

Senior Counsel Laura-Kate Bernstein of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Gwendolyn Carroll prosecuted the case.