author photo
By Bruce Sussman
Thu | Sep 24, 2020 | 6:09 AM PDT

A key member of The Dark Overlord hacking group will spend five years in U.S. prison. And it's possible no one is more surprised than the hacker himself.

Security researcher Vinny Troia loves to communicate with criminal hackers on the Dark Web; he uses several aliases to do so.

The Dark Overlord: 'too smart to get caught'

And at a recent SecureWorld conference, Troia revealed that he's spent hours messaging and even speaking with The Dark Overlord hacking group. 

And that's when Troia heard the hackers say they would never get caught.

"When I was in one of my conversations with The Dark Overlord, he was telling me about how incompetent the NSA, the National Security Agency, and the CIA were, because they tried to catch him but they couldn't. And he's smarter than they are and he could outsmart them. And how he had the FBI, like, running in circles looking for him, but he's so smart that he outsmarted them as well."

With an outlook like that, we imagine 39-year-old Nathan Wyatt was surprised to be arrested in the U.K. and extradited to the U.S. What does he think about the FBI now? Maybe he has a higher opinion of the bureau's work?

"Cyber hackers may no longer use territorial borders to shield themselves from accountability," said Special Agent in Charge Richard Quinn of the FBI's St. Louis Field Office. "This case is another example of how the FBI successfully works with international law enforcement partners to bring alleged perpetrators to justice."

Wyatt's arrest happened in December 2019, and a judge just handed down his sentence.

The Dark Overlord hacker pleads guilty

A member of the hacking group who told Troia they would not get caught just pleaded guilty to a long list of cybercrimes in a Missouri courtroom.

From the U.S. Department of Justice, about Nathan Wyatt:

"Wyatt admitted that, beginning in 2016, he was a member of The Dark Overlord, a hacking group that was responsible for remotely accessing the computer networks of multiple U.S. companies without authorization.

 Victims in the Eastern District of Missouri included healthcare providers, accounting firms, and others. Wyatt admitted that The Dark Overlord co-conspirators acted by obtaining sensitive data from victim companies, including patient medical records and personal identifying information, and then threatening to release the companies' stolen data unless the companies paid a ransom of between $75,000 and $350,000 in bitcoin. 

Wyatt further admitted that he participated in the conspiracy by creating, validating, and maintaining communication, payment, and virtual private network accounts that were used in the course of the scheme to, among other things, send threatening and extortionate messages to victims..."

The judge in the case sentenced him to five years in prison and to pay $1,467,048 in restitution.

When Vinny Troia spoke with The Dark Overlord over the years, he was bragging:

"He has no problem bragging about anything he's done. And, I mean, it just comes off him in waves. I mean, he's better than everyone."

But in court this week, the convicted hacker had a different tone. The BBC closely followed the case:

"During the hearing, held via Zoom, he apologised and reportedly said that he never wanted to see another computer for the rest of his life."

How many hackers are part of The Dark Overlord?

One question that has not been answered in this case is how many people actually make up The Dark Overlord hacking group?

Security researcher Troia says at least two other members of the group are  living near Calgary, Canada. He says they're each about 19 years old:

"These two boys grew up together. I mean, they've been hacking together for at least the last five years... The motivations are, I mean, it's money like anything else, right?"

And Troia says during his time investigating The Dark Overlord, he realized the members are also linked to other hacking groups. 

"As things went on, it became obvious that the same members of the group were part of several other groups. So, you know, some of the other aliases would include like NSFW or Gnosticplayers and ShinyHunters most recently."

Learn more about The Dark Overlord hacking group

Want to hear more details? Listen to the SecureWorld podcast with security researcher Vinny Troia titled "Hunting the Dark Overlord."