COURT DOC: Two Men Charged for Breaching Federal Law Enforcement Database and Posing as Police Officers to Defraud Social Media Companies

According to DOJ, “A criminal complaint was unsealed today in federal court in Brooklyn charging Sagar Steven Singh and Nicholas Ceraolo with wire fraud and conspiracy to commit computer intrusions.  The charges stem from Singh’s and Ceraolo’s efforts to extort victims by threatening to release their personal information online.  Singh was arrested this morning in Pawtucket, Rhode Island, and will make his initial appearance this afternoon in federal court in Providence, Rhode Island. Ceraolo remains at large.”

“In pursuit of victims’ personal information, Singh and Ceraolo unlawfully used a police officer’s stolen password to access a restricted database maintained by a federal law enforcement agency that contains (among other data) detailed, nonpublic records of narcotics and currency seizures, as well as law enforcement intelligence reports.  Ceraolo (with Singh’s knowledge) also accessed without authorization the email account of a foreign law enforcement officer, and used it to defraud social media companies by making purported emergency requests for information about the companies’ users.”

“’Singh and Ceraolo aptly belonged to a group called, as their crime was, “Vile.” That conduct ends today,’ stated United States Attorney Peace.  ‘As alleged, the defendants shamed, intimidated and extorted others online.  This Office will not tolerate those who impersonate law enforcement officers and misuse the public safety infrastructure that exists to protect our citizens.'”

“As alleged in the criminal complaint, Singh and Ceraolo belonged to a group called ‘ViLE,’ whose logo is the body of a hanging girl, as depicted below in the group’s official roster:”

“Members of ViLE sought to collect victims’ personal information, such as names, physical addresses, telephone numbers, social security numbers and email addresses.  ViLE then posted that information (or threatened to post it) on a public website administered by a ViLE member – an action known as ‘doxing.’ Victims could pay to have their information removed from or kept off the website.” 

“ViLE members acquired victims’ information by various means, including by impersonating law enforcement officers and sending forged requests or orders purporting to be from law enforcement to social media companies, often demanding victim information on the pretense that loss of life was imminent.”

“As alleged in the complaint, in pursuit of victims’ personal information. Singh and Ceraolo used a police officer’s credentials to access without authorization a nonpublic, password-protected web portal (the ‘Portal’) maintained by a U.S. federal law enforcement agency, whose purpose is to share intelligence from government databases with state and local law enforcement agencies.  After both Singh and Ceraolo accessed the Portal, Ceraolo wrote to Singh: ‘were all gonna get raided one of these days i swear.’  Later that day, Singh wrote to a contact that the ‘portal [] i accessed i was not supposed to be there not one bit.’  Singh said he had ‘jacked into a police officer’s account’ and ‘that portal had some fucking potent tools.’  Singh continued: ‘it gave me access to gov databases,’ followed by the names of five search tools accessible through the Portal.”

“Within one day of this unauthorized access, Singh was using his access to the Portal to extort victims.  Singh wrote to a victim (Victim-1) that he would ‘harm’ Victim-1’s family unless Victim-1 gave Singh the credentials for Victim-1’s Instagram accounts – and appended Victim-1’s social security number, driver’s license number, home address, and other personal details.  During the conversation, Singh told Victim-1 that he had ‘access to [] databases, which are federal, through [the] portal, i can request information on anyone in the US doesn’t matter who, nobody is safe.’  Singh added: ‘you’re gonna comply to me if you don’t want anything negative to happen to your parents.’  Singh ultimately directed Victim-1 to sell Victim-1’s accounts and give the proceeds to Singh.”

“In addition to accessing the Portal without authorization, Ceraolo posed as a police officer to obtain subscriber information from various online service providers. For example, between February 2022 and May 2022, Ceraolo accessed without authorization an official email account belonging to a Bangladeshi police official.  Ceraolo used the account to pose as a Bangladeshi police officer in communication with U.S.-based social media platforms.  In one instance, Ceraolo induced a social media platform (Platform-1) to provide information about one of its subscribers, including the subscriber’s address, email address and telephone number, by asserting that the subscriber had participated in ‘child extortion’ and blackmail and had threatened officials of the Bangladeshi government.  Ceraolo shared the information with another ViLE member, who sent the information to Singh.  Ceraolo also used the Bangladeshi police account to attempt to purchase a license from a facial recognition company whose services are not available to the general public.” (Source: U.S. Department of Justice)