Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack
Minnesota man 'Snoopy' sentenced to 18 months for role in 2022 DraftKings credential stuffing attack.
Summary
Nathan Austad, a 21-year-old from Minnesota who operated under the alias 'Snoopy,' was sentenced to 18 months in federal prison for his role in a November 2022 credential stuffing attack that compromised approximately 60,000 DraftKings user accounts. The attackers stole roughly $600,000 directly from accounts and sold access to the remaining compromised accounts through cybercriminal marketplaces. Austad was ordered to pay over $1.3 million in restitution and forfeit $463,000 in cryptocurrency proceeds, and is the third and final defendant sentenced in the case.
Full text
A 21-year-old Minnesota man who operated under the online alias “Snoopy” was sentenced Tuesday to 18 months in federal prison for his role in a 2022 credential stuffing attack that compromised roughly 60,000 user accounts on the fantasy sports and betting platform DraftKings, resulting in hundreds of thousands of dollars in losses to customers. Nathan Austad pleaded guilty in December to one count of conspiring to commit computer intrusion in the U.S. District Court for the Southern District of New York, which imposed the sentence. In addition to the prison term, Austad was ordered to serve three years of supervised release, pay over $1.3 million in restitution, and forfeit an additional $463,000. In November 2022, Austad and his co-conspirators launched the attack against DraftKings via credential stuffing, successfully compromising approximately 60,000 accounts. In roughly 1,600 of those cases, the attackers added a new payment method under their own control to the compromised account and withdrew the available funds, stealing approximately $600,000 in total. Access to the remaining compromised accounts was sold through cybercriminal marketplaces. Austad operated his own such shop, named after the Peanuts comic strip character Snoopy. Investigators also identified cryptocurrency accounts under Austad’s control that received approximately $465,000 in assets, including proceeds from his criminal activity. A screenshot of the Snoopy cybercrime marketplace (Department of Justice) Among the evidence presented in court were private messages in which Austad and his co-conspirators acknowledged that federal investigators were examining their activities even as the scheme was ongoing. In Dec. 2022, Austad wrote to a co-conspirator: “everyone shouldve been prepared for this before cashing out lol.” The co-conspirator replied: “lol fbi can’t do s–t.” Months later, Austad wrote: “like we didnt know the risk when we started lol . . . everyone knows their [sic] committing fraud.” U.S. Attorney Jay Clayton cited those exchanges in his statement following the sentencing.“The defendants acknowledged the federal investigation into their conduct while they were committing their crimes, even having the hubris to say the FBI could not do anything about it,” Clayton said. “They were wrong.” DraftKings disclosed the breach in Nov. 2022, initially reporting that less than $300,000 had been stolen from affected customers. A month later, the company revised that figure, disclosing that 67,995 accounts had been compromised. Federal prosecutors have not officially named DraftKings in court filings, referring to the target as a “fantasy sports and betting website,” though the details of the attack match the breach the company disclosed publicly. Austad is the third defendant to be sentenced in the case. Joseph Garrison received 18 months in prison in January 2024, and Kamerin Stokes, who used the alias “TheMFNPlug,” received 30 months in April 2026. Share Facebook LinkedIn Twitter Copy Link
Indicators of Compromise
- malware — credential stuffing attack