In a press release, the U.S. Attorney's Office, Eastern District of New York, revealed details about the complaint against two individuals who are charged with wire fraud and conspiracy to commit computer intrusions.

More specifically, the defendants are suspected of extortion with the threat of doxxing. Doxxing, also known as doxing, is the act of publishing personal information about an individual without their consent. This information can include addresses, phone numbers, email addresses, and even financial details.

Allegedly, the defendants threatened to publish or otherwise use personal information about the victims unless they paid to have their information removed from or kept off the website.

The defendants, one of whom is still at large, belonged to a group called ViLE. Members of ViLE sought to collect victims’ personal information, such as names, physical addresses, telephone numbers, social security numbers, and email addresses. ViLE runs its own website, which it uses to post that information unless the victim complies with its demands.

As stated by United States Attorney Peace:

“As alleged, the defendants shamed, intimidated and extorted others online. This Office will not tolerate those who impersonate law enforcement officers and misuse the public safety infrastructure that exists to protect our citizens.”

The second sentence of that statement indicates how the defendants were able to get their hands on the personal information. They are charged with unlawfully using a police officer’s stolen password to access a restricted database maintained by a federal law enforcement agency. They used the police officer’s credentials to access, without authorization, a nonpublic, password-protected web portal maintained by a U.S. federal law enforcement agency, whose purpose is to share intelligence from government databases with state and local law enforcement agencies. That database contains (among other data) detailed, nonpublic records of narcotics and currency seizures, as well as law enforcement intelligence reports.

The two suspects are also charged with accessing without authorization the email account of a foreign law enforcement officer. They abused this access to defraud social media companies by making purported emergency requests for information about the companies’ users. For example, one of the defendants used an official email account to pose as a Bangladeshi police officer in communication with US-based social media platforms.

The same Bangladeshi police account was used to request data about the user of an online gaming platform. When caught, they threatened to sell the platform’s information on the Dark Web. An associate posed as a US local police officer and sent a forged subpoena to one of the platform’s vendors, seeking registration details about their administrators. The vendor did not provide the information.

Data breach

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

  • Check the vendor's advice. Every breach is different, so check with the vendor to find out what's happened, and follow any specific advice they offer.
  • Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don't use for anything else. Better yet, let a password manager choose one for you.
  • Enable two-factor authentication. Where possible, use a FIDO2 2FA device. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
  • Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify any contacts using a different communication channel.
  • Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
