Two men from a cybercriminal group known as ViLE have been sentenced for hacking into a federal law enforcement portal and using the stolen data to threaten and extort victims.
What happened
This week, two members of the cybercriminal group ViLE were sentenced for their part in an identity theft and extortion scheme that included hacking into a federal law enforcement database. Using stolen login credentials, the men accessed a DEA-linked online portal containing sensitive, nonpublic records on narcotics and cash seizures. The group then used the stolen personal data to intimidate victims into complying with demands, including handing over social media accounts or paying to have their data withheld from public exposure.
Sagar Steven Singh (aka “Weep”), 21, received a 27-month prison sentence. Nicholas Ceraolo (aka “Convict,” “Anon,” and “Ominous”), 26, was sentenced to 25 months. Both pleaded guilty to aggravated identity theft and conspiracy to commit computer intrusion.
Going deeper
ViLE was known for doxing, collecting, and publishing private personal data to harass, threaten, or extort individuals. Their methods included impersonating law enforcement, tricking customer service agents, submitting fake legal requests to obtain records, and bribing insiders at private companies.
On May 7, 2022, the two defendants used stolen credentials from a law enforcement officer to gain unauthorized access to a DEA-associated portal that aggregated data from 16 federal agencies. They stole sensitive information like Social Security numbers and driver’s license details, which they used to threaten victims or extort payments in exchange for keeping the data offline.
According to court filings, victims were messaged directly with their own stolen data and threatened with public exposure unless they complied. In one case, Singh told a victim to surrender control of their Instagram accounts or risk harm to their family.
What was said
Homeland Security Investigations Acting Special Agent Michael Alfonso described the operation as “deceptive, exploitative, and calculated,” indicating how the group joked about their crimes even as they feared police intervention.
Messages between Singh and Ceraolo showed they were aware of the legal severity of their actions. The U.S. Department of Justice confirmed the sentencing but has not yet revealed the status of investigations into the remaining ViLE members.
FAQs
What is "doxing" and how is it used in cybercrime?
Doxing involves collecting and publicly exposing someone's private or identifying information, often to intimidate, harass, or extort them.
What kind of portal did ViLE hack into?
The hackers accessed a DEA-associated portal used to share intelligence with law enforcement agencies. It contained detailed data on drug-related investigations, seizures, and personal information.
How do hackers obtain law enforcement credentials?
Tactics include phishing, social engineering, or insider theft, where someone close to or inside a target organization leaks access credentials.
Farah Amod
