‘Dark Overlord’ hacker pleads guilty, sentenced to 5 years for extortion threats

"I don't want to see another computer for the rest of my life," Nathan Wyatt, a U.K. man, said during a court hearing.
(Getty Images)

Years after he threatened to publicly release information from hacking victims unless they agreed to his digital extortion demands, Nathan Wyatt is headed to a U.S. prison.

A judge in the Eastern District of Missouri on Monday sentenced Wyatt, 39, to five years in prison after he pleaded guilty to assisting a hacking crew known as The Dark Overlord. Wyatt, who had previously entered a plea of not guilty, participated in a court hearing by phone from a jail in St. Charles County, Missouri.

“I’d like to apologize for the role that I played in this,” Wyatt said, through tears, adding that he struggles with a mental illness that affects his decision-making ability. “I can promise you that I just want to go home to my family. I’m out of that world, and I don’t want to see another computer for the rest of my life.”

Wyatt also is subject to three years of supervised release following his prison term, and will need to pay more than $1 million to the Dark Overlord’s victims.


The plea and sentencing caps a years-long legal saga in which Wyatt, a U.K. resident who went by the online alias “Crafty Cockney,” lost a bid to avoid extradition to the U.S., during a period in which The Dark Overlord gang has intermittently claimed more victims.

He pleaded guilty Monday to one count of conspiracy against the U.S. Two other charges, aggravated identity theft and threatening damage to a protected computer, were dropped.

U.S. prosecutors alleged that Wyatt was involved in attacks against four unnamed health care companies in 2016, and a public accounting firm “whose owner received an email that contained personal information about his family and business, with a threat to publish unless 250 bitcoins were paid.” In one case, the attackers combined corporate data with information about the company’s owner to blackmail to the owner’s family members. They also threatened to publish stolen data from another firm unless it agreed to pay $75,000, only to post the sensitive information on Twitter.

Wyatt’s role in the scheme was to create email and phone accounts that he used to threaten victims, according to the U.S. Department of Justice.

The Dark Overlord hacking group is perhaps best known in the U.S. for its early foray in the world of digital extortion, a technique that has soared in popularity since more hackers started to adopt ransomware as a mechanism to boost revenue. The crew published unreleased episodes of the Netflix show “Orange Is The New Black” after Netflix paid a ransom in 2017, forced school closures by threatening students and their families, and last year published stolen legal documents related to the 9/11 terrorist attacks.


After police in Serbia said in May 2018 they had arrested another member of the The Dark Overlord, identified only as S.S., the group posted job listings on cybercriminal forums aiming to fill its ranks.

“If you’re goal-oriented and used to objectives and achieving them, then you’re perfect for us,” the advertisement said. “Must have a winning attitude. Life’s too short not to be rich.”

Wyatt was first arrested by British police in 2016 on suspicion of hacking the iCloud account of Pippa Middleton, the socialite and sister of the Duchess of Cambridge, to access private images.He was released without charges in that case, only to plead guilty in 2017 to 20 counts of fraud, holding a fake passport and blackmail.

Wyatt’s legal team spent much of 2019 trying to avoid his extradition to the U.S. He was extradited to Missouri, and arraigned on Dec. 18.

The 2017 indictment against Wyatt is available in full below.


[documentcloud url=”” responsive=true]

Jeff Stone

Written by Jeff Stone

Jeff Stone is the editor-in-chief of CyberScoop, with a special interest in cybercrime, disinformation and the U.S. justice system. He previously worked as an editor at the Wall Street Journal, and covered technology policy for sites including the Christian Science Monitor and the International Business Times.

Latest Podcasts