ViLE hackers guilty of illegal access to a law enforcement database.

News Desk

Two members of a hacking group calling itself "ViLE" have pleaded guilty to illegal computer intrusion and other offences. They hacked into an as yet un-named law enforcement daebase and used, for illegal purposes, information obtained.

Last week, in federal court in Brooklyn, Sagar Steven Singh pleaded guilty before United States Magistrate Judge Marcia M. Henry to conspiring to commit computer intrusion and aggravated identify theft. On May 30, 2024, Nicholas Ceraolo pleaded guilty before Judge Henry to the same offences.

A statement by the US Department of Justice said "“The defendants called themselves ‘ViLe,’ and their actions were exactly that. They hacked into a law enforcement database and had access to sensitive personal information, then threatened to harm a victim’s family and publicly release that information unless the defendants were ultimately paid money.

Singh and Ceraolo belonged to a group called “ViLE,” the logo of which includes the body of a hanging girl, as depicted above, taken from the Group's own material. Members of ViLE sought to collect victims’ personal information, including social security numbers. ViLE then posted that information (or threatened to post it) on a public website administered by a ViLE member – an action known as “doxxing.” Victims could pay to have their information removed from or kept off the website.

Singh and Ceraolo unlawfully used a law enforcement officer’s stolen password to access a nonpublic, password-protected online portal (the “Portal”) maintained by a U.S. federal law enforcement agency. The purpose of the Portal was to share intelligence from government databases with state and local law enforcement agencies, and the Portal provided access to detailed, nonpublic records of narcotics and currency seizures, as well as law enforcement intelligence reports.

Singh wrote to a victim (Victim-1) that he would “harm” Victim-1’s family unless Victim-1 gave Singh the credentials for Victim-1’s Instagram accounts. In order to drive home the threat, Singh appended Victim-1’s social security number, driver’s license number, home address and other personal details. Singh told Victim-1 that he had “access to [] databases, which are federal, through [the] portal, i can request information on anyone in the US doesn’t matter who, nobody is safe.” He added: “you’re gonna comply to me if you don’t want anything negative to happen to your parents.” Singh ultimately directed Victim-1 to sell Victim-1’s accounts and give the proceeds to Singh.

After Singh and Ceraolo accessed the Portal, they both acknowledged knowing that their conduct was criminal. Ceraolo wrote to Singh: “were [sic] all gonna get raided one of these days i swear.” Later that day, Singh wrote to a contact that the “portal [] i accessed i was not supposed to be there not one bit.” Singh said he had “jacked into a police officer’s account” and “that portal had some f***ing potent tools.” Singh continued: “it gave me access to gov databases,” followed by the names of five search tools accessible through the Portal.

The government’s case is being handled by the Office’s National Security and Cybercrime Section. Assistant United States Attorneys Alexander Mindlin, Ellen H. Sise and Adam Amir are in charge of the prosecution.

When sentenced, the defendants each face a minimum sentence of two years in prison,and a maximum of seven years.

The Defendants:

Nicholas Ceraolo (also known as “Convict,” “Anon” and “Ominous”)
Age: 26
Queens, New York

Sagar Steven Singh (also known as “Weep”)
Age: 20
Pawtucket, Rhode Island