I’ve reported on Nathan Wyatt a number of times, including the extradition request by the U.S., his appeal, and his failure to win his appeal of the extradition order. So we knew this was coming, but let’s start with a recap of the charges he’s facing:
- One count of conspiracy against the U.S. (18 USC 371 )
- Two counts of aggravated identity theft (18 USC 1028)
- Three counts of threatening damage to a protected computer (18 USC 1030)
From the DOJ’s press release of today:
MEMBER OF “THE DARK OVERLORD” HACKING GROUP EXTRADITED FROM UNITED KINGDOM TO
FACE CHARGES IN ST. LOUIS
Defendant Conspired to Steal Sensitive Personally Identifying Information from Victim Companies and Release those Records on Criminal Marketplaces unless Victims Paid Bitcoin Ransoms
WASHINGTON – A United Kingdom national appeared today in federal court on charges of aggravated identity theft, threatening to damage a protected computer, and conspiring to commit those and other computer fraud offenses, related to his role in a computer hacking collective known as “The Dark Overlord,” which targeted victims in the St. Louis, Missouri, area beginning in 2016.
Nathan Wyatt, 39, was extradited from the United Kingdom to the Eastern District of Missouri and arraigned on Dec. 18 before U.S. Magistrate Judge Shirley Padmore Mensah. He pleaded not guilty and was detained pending further proceedings.
A federal grand jury indicted Wyatt on Nov. 8, 2017. According to court records, beginning in 2016, Wyatt was a member of The Dark Overlord, a hacking group that was responsible for remotely accessing the computer networks of multiple U.S. companies without authorization, obtaining sensitive records and information from those companies, and then threatening to release the companies’ stolen data unless the companies paid a ransom in bitcoin. Victims in the Eastern District of Missouri included healthcare providers, accounting firms, and others. Among other things, Wyatt is alleged to have participated in the conspiracy by creating email and phone accounts that he used to send threatening and extortionate emails and text messages to certain victims,
including victims in the Eastern District of Missouri.
…. The investigation was conducted by the FBI’s St. Louis Field Office. The FBI’s Atlanta Field Office also provided support. The Criminal Division’s Office of International Affairs coordinated the extradition of Wyatt. The department thanks law enforcement and international cooperation authorities in the United Kingdom for their substantial assistance in the investigation.
Senior Counsel Laura-Kate Bernstein of the Criminal Division’s Computer Crime and Intellectual Property Section, and Assistant U.S. Attorneys Gwendolyn Carroll and Matthew Drake of the Eastern District of Missouri are prosecuting the case.
The details contained in the charging document are allegations. The defendant is presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
Related: In a previous post, I have named the victim entities based on the indictment’s description of them and my previous extensive reporting on thedarkoverlord.
Related: the Indictment: