19 June 2024

Two ViLE gang members plead guilty to hacking law enforcement portal


Two ViLE gang members plead guilty to hacking law enforcement portal

Two hackers pleaded guilty to conspiring to commit computer intrusion and aggravated identity theft. Sagar Steven Singh and Nicholas Ceraolo, charged in March 2023, admitted to using a stolen law enforcement officer's password to gain unauthorized access to a nonpublic portal maintained by a US law enforcement agency.

The hackers, operating under the moniker “ViLE,” concocted a scheme that involved doxing and extortion tactics to extract money from their victims. According to officials, Singh and Ceraolo gathered sensitive personal information, including Social Security and driver's license numbers, and threatened to post this data publicly unless paid to remove it. The duo employed various illicit methods to obtain personal information, which they then used to harass, threaten, or extort their victims.

These tactics included: tricking customer service employees, submitting fraudulent legal requests to social media companies for users’ registration information, corrupting corporate insiders, searching public and private online databases, unauthorized access to a nonpublic US government database, illegally using official email accounts from other countries.

According to officials, Singh and Ceraolo compromised the password-protected online portal maintained by a US federal law enforcement agency, designed to share intelligence from government databases with state and local law enforcement agencies. It provided access to detailed, nonpublic records of narcotics and currency seizures, as well as law enforcement intelligence reports.

In one instance, Singh threatened to “harm” a victim’s family unless the victim provided Instagram login credentials. To emphasize the threat, Singh appended the victim’s Social Security number, driver’s license number, home address, and other personal details in his communication.

Both Singh and Ceraolo face a maximum sentence of seven years in prison.

Back to the list

Latest Posts

Daggerfly APT targets Taiwanese orgs and US NGO in China with upgraded malware arsenal

Daggerfly APT targets Taiwanese orgs and US NGO in China with upgraded malware arsenal

The attackers exploited a bug in an Apache HTTP server to deliver the MgBot malware.
23 July 2024
New FrostyGoop ICS malware left over 600 apartment buildings in Ukraine without heat

New FrostyGoop ICS malware left over 600 apartment buildings in Ukraine without heat

The attackers likely gained access through a vulnerability in an externally facing Mikrotik router.
23 July 2024
NCA infiltrates, disrupts Digitalstress DDoS-for-Hire service

NCA infiltrates, disrupts Digitalstress DDoS-for-Hire service

The crackdown follows the arrest of one of the site's suspected admins earlier this month.
23 July 2024