Members of ViLE Hacker Group Arrested for Hacking DEA Portal

Two members of the cybercriminal group “ViLE” were sentenced this week in Brooklyn federal court for their roles in a high-profile hacking and extortion scheme targeting a U.S. federal law enforcement web portal.

Sagar Steven Singh, known online as “Weep,” received a 27-month prison sentence, while Nicholas Ceraolo, also known as “Convict,” “Anon,” and “Ominous,” was sentenced to 25 months for conspiracy to commit computer intrusion and aggravated identity theft.

The ViLE group specialized in “doxing”—the malicious act of gathering and publishing personal information to harass or extort victims.

According to court documents, Singh and Ceraolo used a stolen law enforcement officer’s credentials to access a nonpublic, password-protected portal designed for sharing sensitive law enforcement intelligence, including records of narcotics and currency seizures.

Once inside, they exfiltrated sensitive personal data, such as Social Security numbers and home addresses, which they used to threaten, extort, and blackmail their victims.

Credential Theft and Social Engineering

The attack began with the theft of a law enforcement officer’s password, granting the hackers unauthorized access to the federal portal.

This portal, intended for inter-agency intelligence sharing, provided access to multiple government databases and search tools, including those containing nonpublic records and law enforcement intelligence reports.

Singh described the portal as having “potent tools,” boasting to a victim that he could “request information on anyone in the US… nobody is safe.”

The hackers used a combination of technical tactics and social engineering:

  • Credential Stuffing: Utilizing stolen credentials to access restricted systems.
  • Impersonation: Posing as law enforcement officers to submit fraudulent emergency data requests to social media platforms, thereby obtaining additional private information.
  • Doxing: Threatening to publicly release sensitive data unless victims complied with demands, such as handing over social media account credentials or paying for data removal.

Ceraolo also exploited a compromised foreign law enforcement email account to submit fake emergency requests to U.S. social media companies, further expanding their pool of victims and data.

The sentencing of Singh and Ceraolo underscores the seriousness of cyber-enabled extortion and aggravated identity theft.

Both defendants pleaded guilty, admitting to the full scope of their actions and acknowledging in private messages the criminality and risks of their scheme—“we’re all gonna get raided one of these days, I swear,” Ceraolo wrote to Singh.

Authorities emphasized that the case sends a strong deterrent message to digital predators who exploit government infrastructure for personal gain.

The investigation, led by the Homeland Security Investigations (HSI) El Dorado Task Force, is ongoing, with other ViLE group members still under scrutiny.

Key Technical Elements of the ViLE Group’s Attack

| Technical Term | Description | Example in Case |
|---|---|---|
| Credential Stuffing | Using stolen usernames/passwords to access systems | Used officer’s password for portal |
| Social Engineering | Manipulating people into revealing confidential information | Impersonated law enforcement |
| Doxing | Publishing or threatening to publish private info for harassment/extortion | Threatened victims with data leaks |
| Emergency Data Request | Fraudulent requests to platforms claiming urgent need for user data | Faked emergencies to get info |
| Exfiltration | Unauthorized transfer of data from a system | Downloaded sensitive records |

The case highlights the ongoing threat posed by sophisticated cybercriminal groups leveraging a mix of technical exploits and psychological manipulation to perpetrate large-scale identity theft and extortion.

Law enforcement agencies continue to adapt their cybercrime response to counter such evolving tactics.
