Last year, cybercriminals began using a novel method to steal subscriber data from social media companies: they would hack into police email accounts using stolen passwords purchased on the dark web, then utilise their access to file an emergency data request, or EDR. EDRs are a type of urgent subpoena that does not require court approval or broader company review. They are frequently issued by police agencies to social media companies, and law enforcement encourages the companies to turn over subscriber information on specific users as soon as possible. Hackers would conduct harassment campaigns against users using information from EDRs.
Two people have been arrested in connection with one such scheme. Federal prosecutors charged two men with computer crimes on Tuesday, accusing them of being members of a gang that engaged in targeted online harassment and doxxing campaigns. Officials say Nicholas Ceraolo, 25, of New York, and Sagar Steven Singh, 19, of Rhode Island, are members of the “ViLE” online collective.
The group is said to have “acquired victims’ information through various means” before posting or threatening to post it “on a public website administered by a ViLE member.”Ceraolo and Singh, also known as “Ominous” and “Weep,” are accused as part of “ViLE” of hacking into a federal law enforcement data portal and then using information from that portal to carry out extortion and harassment schemes against targets. Officials do not identify the police portal in question, only describin
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: