The Dark Overlord Threat Group Member Pleads Guilty

Nathan Wyatt, a member of the threat group known as The Dark Overlord (TDO), was extradited to the United States from the UK in December 2019. Wyatt was sentenced on September 21st, 2020 to 5 years in prison and was ordered to pay $1,467,048 in restitution to victims after he pleaded guilty to his charges. Wyatt was linked to the group after phone numbers registered in his name were used to reach out to victims, which was his primary task in the group. The Dark Overlord was known to attack its victims, steal sensitive data, and then hold that data for large ransoms. If the victims did not pay the ransom, the data would be shared on forums across the Internet, or information about the breach would be leaked to the media, as a way to pressure the victims into paying. Most of the other members of The Dark Overlord have still not been publicly charged with crimes, although the security researcher Vinny Troia released information from his private research into the group that named other individuals whom Troia believed were involved.

Analyst Notes

Law enforcement agencies are working to identify the other members of the group and bring them to justice for their actions. The group would breach a company’s network to steal data and use that data to persuade its victims to pay the ransom, much as many ransomware operators do today with their darknet websites. The Dark Overlord would also write up pseudo-contracts for its victims as a way to help convince them that the threat group would not release the data if the ransom was paid.