The two men, identified as Sagar Steven Singh and Nicholas Ceraolo, subsequently used this information to extort and dox their victims. The accused are believed to be part of a cybercrime group called “ViLE.” “Members of ViLE sought to collect victims’ personal information, such as names, physical addresses, telephone numbers, social security numbers and email addresses. ViLE then posted that information (or threatened to post it) on a public website administered by a ViLE member – an action known as “doxxing.” Victims could pay to have their information removed from or kept off the website,” the U.S. Attorney’s Office said in a press release. Singh has been arrested, but Ceraolo is still at large. Both men have been charged with conspiracy to commit computer intrusions and could each be sentenced to five years in prison. Ceraolo faces an additional 20-year sentence for conspiracy to commit wire fraud.
Accused Breached Federal Database
Singh and Ceraolo allegedly accessed a non-public U.S. law enforcement portal using credentials stolen from a police officer. The portal gave them access to powerful search tools and government databases. “Within one day of this unauthorized access, Singh was using his access to the Portal to extort victims,” the U.S. Attorney’s Office said. The accused allegedly threatened to harm a victim’s family and shared personal details gleaned from the database to compel the victim to do his bidding. Prosecutors believe the two men were fully aware of the magnitude of their wrongdoings, with Ceraolo writing to Singh saying, “were all gonna get raided one of these days i swear.”
Impersonating Law Enforcement to Access Private Data
The complaint also alleges that Ceraolo posed as a police officer to request user data from social media platforms and other service providers. Using a hijacked email account belonging to a Bangladeshi police officer, the accused asked platforms for the physical addresses, email addresses, and telephone numbers of specific users. “Ceraolo also used the Bangladeshi police account to attempt to purchase a license from a facial recognition company whose services are not available to the general public,” the U.S. Attorney’s Office said. Ceraolo used the same tactic to request data from a company that operates a gaming platform. However, the company was suspicious of the request and publicly dismissed it as fraud. This angered Ceraolo, who threatened to hack the company, adding that he would “handle dumping and defacing everything [on the platform] for trying to snitch to homeland security.” Ceraolo allegedly told an associate he could easily earn a six-figure sum by selling the company’s data on the dark web. Fake emergency data requests are a growing problem. In 2022, Apple and Meta handed over user data to malicious actors impersonating cops.
A ‘Widespread Cybersecurity Threat’
Doxxing is considered a “widespread cybersecurity threat.” According to a 2022 report by SafeHome, over 43 million Americans have fallen victim to doxxing. “With the abundance of personal information online, anyone can become a victim of doxing. Posting on social media, signing petitions, or purchasing a property can make a person’s information publicly available, increasing the chances of someone falling victim,” David Emm, Principal Security Researcher, Global Researcher and Analysis Team at Kaspersky, told VPNOverview. Emm said while using a virtual private network (VPN) can provide protection, people must be cautious of the information they willingly share online. “You don’t necessarily have to tell the truth when signing up for new services and apps. These websites do not necessarily require your real mother’s maiden name or date of birth, for example, so feel free to create a fictional one to protect yourself,” he said. Emm highlighted the importance of good cybersecurity practices like using strong, unique passwords for each platform, using separate email accounts for different purposes, using multi-factor authentication, and keeping an eye out for phishing emails. He also encouraged institutions to invest in dark web monitoring and other threat intelligence tools and partner with cybersecurity providers who can provide much-needed insights into the threat landscape. You can read more about Kaspersky’s recommendations to protect yourself from doxing here.