Nathan Francis Wyatt, 39, appeared in federal court in St. Louis, Missouri, on Wednesday to face charges related to his role in hacking healthcare and accounting companies in the U.S. and then threatening to publish stolen information unless victims paid a ransom in Bitcoin.
According to a court indictment unsealed yesterday, Wyatt faces one count of conspiracy, two counts of aggravated identity theft and three counts of threatening to damage a protected computer.
Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology
Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.Join Now
However, the suspect has not yet pledged guilty to any of the charges in the U.S. federal court, where he appeared after fighting for 11 months to avoid being extradited from Britain.
Cyber Attacks by The Dark Overlord Group
British police first arrested Wyatt in September 2016 during an investigation into the hacking of an iCloud account belonging to Pippa Middleton, the younger sister of the British royal family member Duchess of Cambridge, and stealing 3,000 images of her.
Though he was released in that case without charge due to lack of evidence, Wyatt was again arrested in September 2017 over hacking companies, credit card fraud, and blackmail schemes.
The indictment does not name the companies allegedly attacked by The Dark Overlord hacking group between February 2016 and June 2017 but says the victims include multiple healthcare providers and accounting firms in Missouri, Illinois, and Georgia states.
However, the Dark Overload is the same hacking crew that previously has been attributed to a number of hacking attacks, including leaking 10 unreleased episodes of the 5th season of 'Orange Is The New Black' series from Netflix and hacking Gorilla Glue, Little Red Door cancer service agency, among others.
The Dark Overlord Threatened Victims and their Relatives
According to the press release published by the Justice Department, Wyatt created and operated the email and phone accounts to threaten the compromised organizations to extort money, and in case victims refused to pay, Wyatt harassed and threatened their relatives.
Among other threatening messages the defendant sent to the victims, the indictment accused Wyatt of sending threatening text messages to the daughter of one of the owners of the Farmington company, asking her, "hi ... you look peaceful ... by the way did your daddy tell you he refused to pay us when we stole his company files?"
The hacking group members also threatened to call the public accountants' clients "one by one" unless the company paid the ransom.
"Today's extradition shows that the hackers hiding behind The Dark Overlord moniker will be held accountable for their alleged extortion of American companies," said Brian A. Benczkowski, Assistant Attorney General of the Justice Department's Criminal Division.
"We are thankful for the close cooperation of our partners in the United Kingdom in ensuring that the defendant will face justice in U.S. court."
Prosecutors have asked the court to keep Wyatt in jail until trial.