The US Justice Department on Tuesday announced charges against two men from New York and Rhode Island over their alleged roles in a doxing operation that involved hacking into a law enforcement portal and a police official’s email account.
The suspects, 19-year-old Sagar Steven Singh (aka Weep) and 25-year-old Nicholas Ceraolo (aka Convict and Ominous), have been charged with conspiracy to commit computer intrusions, for which they face up to five years in prison. Ceraolo has also been charged with conspiracy to commit wire fraud, for which he faces a maximum of 20 years in prison.
Singh has been arrested, but Ceraolo remains at large.
According to the DoJ, Singh and Ceraolo were part of a cybercrime operation named ‘Vile’, which involved extorting individuals by threatening to make their personal information public — or doxing them.
Members of the Vile group collected victims’ names, physical addresses, email addresses, phone numbers, social security numbers, and other information, and then threatened to make it public on their website unless they paid up. Victims could also pay to have information removed from the site.
In order to obtain information on the targeted individuals, they relied on various methods, including tricking customer service representatives and using insiders.
However, the charges brought against them focus on the theft of a police officer’s access credentials for a restricted law enforcement database containing detailed information, including intelligence reports, and currency and narcotics seizure records.
Authorities have not said which law enforcement portal was targeted, but cybersecurity blogger Brian Krebs, who wrote about these types of doxing operations in the past, revealed that it was a portal belonging to the US Drug Enforcement Agency (DEA).
Krebs broke the news about the DEA portal getting hacked nearly one year ago, when he explained that the compromised portal is linked to more than a dozen different federal law enforcement databases.
In addition to using the hacked law enforcement portal, the Vile group impersonated law enforcement officers in order to obtain information about victims from online service providers.
In one case mentioned in the indictment, Singh, Ceraolo and other members of the operation gained access to the email account of a police official in Bangladesh. They then used that account to pose as the officer in an effort to convince social media platforms to hand over information about specified subscribers, claiming that they had been suspected of various crimes, such as blackmail and “child extortion”.
“Ceraolo also used the Bangladeshi police account to attempt to purchase a license from a facial recognition company whose services are not available to the general public,” the DoJ said.
The Bangladeshi police officer’s email account was also used to send data requests to an online gaming platform, but the attempt failed as the company became suspicious.
Ceraolo was mentioned in several news stories in the past years for finding vulnerabilities in the systems of major telecommunications companies in the US.
Related: Alleged NetWire RAT Operator Arrested in Croatia as FBI Seizes Website
Related: Two Men Arrested for JFK Airport Taxi Hacking Scheme