2 teenagers hacked into the database of US intelligence agencies, posing as a police officer

On March 14, US police arrested a 19-year-old teenager suspected of belonging to the ViLE criminal group on charges of hacking into a police officer’s account.

U.S. District Attorney’s Office stated that Sagar Steven Singh (19), along with his accomplice Nicholas Seraolo (25), not only blackmailed the victims by threatening to post their personal data online, but also filed “emergency requests” (emergency request) to social networks, requesting information about users. The names of social networks were not disclosed. The criminals deceived representatives of social networks, begging for information about users under the pretext that “the death of these people is inevitable.”

The database in question contains “confidential drug and currency seizure records” as well as “law enforcement reports”. This means that it is possibly a Drug Enforcement Administration (DEA) database. According to court documents, criminals look for affidavits online (affidavits) and distribute them to other attackers by posting them on forums.

Sagar Stephen Singh appeared in federal court yesterday, and Seraolo, 25, is still at large. If the court finds Seraolo guilty, he could receive up to 20 years for conspiracy to commit wire fraud, and together the accomplices could be sentenced to 5 years in prison for conspiracy to commit computer intrusions.

According to prosecutors, Singh and Seraolo used a police officer’s credentials to access a “secret, password-protected web portal” maintained by a US federal law enforcement agency. The portal exchanges information from government databases with state and local law enforcement agencies.

The prosecutor’s office claims that the criminals gained access to the portal using the “Weep” descriptor, and then, using personal data from the database, blackmailed the victims. ViLE is described as “a group of cybercriminals who specialize in obtaining the personal data of victims, which is then used to harass, threaten or extort – a practice known as doxxing.

Emergency requests are requests made by governments around the world to social networks in order to obtain necessary information about an account in the course of an investigation or criminal prosecution of a user. For example, in the first half of 2022, various intelligence agencies requested data from Meta* on 237,000 users. Meta* completed over 75% of these requests. Each request is carefully reviewed by lawyers, and the company may reject the request or require more specifics if the request is too broad or vague.

* The Meta company and the company’s products (Instagram and Facebook) are recognized as extremist organizations; their activities are prohibited on the territory of the Russian Federation.