Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label DEA. Show all posts

The DEA Portal Hack was Perpetrated by Two Cybercriminals Last Year


During the investigation into the hacking of the DEA portal in 2022, one of the young American men was accused of breaking in and stealing data from the site. The portal breach provided criminals with access to sensitive information because it was connected to 16 data repositories of federal law enforcement organizations.  

In addition to Nicholas Ceraolo, 25, also known as "Convict" or "Ominus," the suspects are Sagar Steven Singh, 19, commonly known as "Weep." According to the Justice Department, Singh and Ceraolo pretended to be police officers to gain access to Bangladeshi police officials' email accounts. 

Ceraolo is also accused of accessing Bangladeshi police officials' emails. As a result, he got his fake identity used to contact various US-based social networking platforms, claiming members were either in danger or committing crimes to get their personal information. 

In a press release issued by the Justice Department, it was noted that Ceraolo and Singh face five years in prison for conspiring to infiltrate computers. Moreover, they could be sentenced to up to 20 years in prison for conspiring to commit wire fraud, which would represent a significant punishment. 

Because the complaint only contains allegations, the defendants will always be considered innocent until proven guilty. “ViLE,” a notorious cybercrime organization, was occupying the apartment, where doxing experts kept gathering and using personal information for intimidation, harassment, or extortion. The group is infamous for providing shelter to doxing experts who specialize in gathering personal information for illegal purposes and collecting personal information from people. Currently, at large, Ceraolo could be sentenced to up to 20 years in prison for wire fraud and computer crimes for which he is facing multiple charges. He faces up to five years in prison if convicted of the charges against him, which he was charged with in Rhode Island this week. 

In this case, Singh was taken into custody due to an error by an official, which allowed authorities to connect him to the incident, wherein the suspect accessed a social media account using the same email address as the login to access the portal. According to reports, an investigator from Homeland Security verified that Singh had utilized the portal through a raid at his home. 

There is a report that the compromised DEA portal granted access to 16 different law enforcement databases which contain sensitive information on Ceraolo, Singh and their cybercriminal group called "ViLE" which they were a part of.  

Singh in one case claimed to have access to a victim's Social Security number, home address, and driver's license information by utilizing data gathered from the hack. In response, the victim complained that he had been scammed. When they refused to comply with Singh's demands, Singh told them if they did not comply he would "harm" their families. 

A Bangladeshi police officer's email account was used by Ceraolo to gain an official account on social media platforms for his social media operations. In this case, personal information was requested about one of its subscribers. A company employee claimed Ceraolo had allegedly received threats from Bangladeshi officials and had accused them of "child extortion" and blackmailing the subscriber. 

Earlier today, United States Attorney Breon Peace announced the charges against Singh and Ceraolo. The prosecutor noted that Singh and Ceraolo belonged to a group called 'Vile' because of their crime or conduct. As alleged in the complaint, the defendants shamed, intimidated, and extorted others online as a form of harassment. To protect citizens,  the  Office said that it will not tolerate those who misappropriate the public safety infrastructure by impersonating law enforcement officers.

Furthermore, Ivan J. Arvelo, a Homeland Security Investigations official, stated: “These charges highlight how serious these offenses are, and criminals who perpetrate these schemes will be held accountable for their crimes,” in response to the allegations of unauthorized access to and impersonation of a US federal law enforcement system.

DEA Tracks Down Drug Cartels with Binance

 

Due to the anonymity provided by cryptocurrencies, they allow cartels a perfect means to transfer funds across continents in a relatively safe manner. To identify individuals, it is necessary to analyze the chain of command. 

As a result of its widespread use by threat actors to wash funds from crypto markets, Tornado Cash has been sanctioned by the US Treasury for being used as a crypto mixing tool. Following the sanctions, threat actors are no longer able to operate through their usual routes, including through centralized exchanges. 

Drug cartels are under attack by the DEA


Forbes published an article about the gang that indicated that it operated in several countries, including the United States, Europe, Mexico, and Australia. Based on the DEA's report, it appears that the cartel was channeling as much as $40 million of illicit proceeds through the exchange.

Using Localbitcoins, informants were able to interact with perpetrators trading crypto for fiat in 2020, which led to investigations into the crime and communication with authorities. 

To ensure trust between trading parties, Localbitcoins uses an escrow service to ensure both parties are given a fair chance to make a transaction. Carlos Fong Echavarria, a Mexican citizen responsible for the theft, assured them the money came from family restaurants and cattle ranches. 

In the aftermath of Echavvaria's capture, he pleaded guilty to charges of drug possession and money laundering. As the matter awaited sentencing, a blockchain address was tracked by the DEA. According to one of them, there is still money being laundered.  One of the latest perpetrators recently bought $42 million in crypto and sold $38 million in crypto. Some of these funds are believed to be linked to the trafficking of drugs, according to authorities. 

The Binance versus the money laundering issue


During the most recent attack, BNBc tokens worth trillions of dollars were obtained via an exploit of the ANKR protocol. BNP and BUSD were exchanged for some of the proceeds, then transferred to the exchange. As a result of the incident, the Exchange reacted by freezing the associated accounts. The company ANKR has determined that the perpetrator of the crime was a former employee of their own company. There was a data breach earlier this month by Lazarus Group, a North Korean cybercrime group. This breach may have led to a loss of more than $540 million from the Ronin Axie Infinity ecosystem. 

It appears that Lazarus also moved the stolen funds to Tornado Cash and several other exchanges. Through a collaborative effort, Chainalysis, law enforcement authorities, and the leading cryptocurrency exchange reverse-engineered the transaction trail. They also froze about $5.8 million in crypto assets linked to this crime as a result of this discovery. 

Following a collaboration between Russian law enforcement and the exchange, Hydra, a darknet marketplace for Russians on the internet, has been shut down. According to earlier reports in the media, it had been reported that Hydra had received funding from the exchange. In its statement, Binance stated that law enforcement would not have been able to capture the criminals behind the Hydra case if it weren't for cryptocurrency. 

A report by Binance indicated that the company had spent tens of millions of dollars hiring sophisticated cybersecurity specialists from across the globe. More than 120 security and industry experts comprise the team. These experts include former members of the IRS, FBI, the US secret service, Europol, and police agencies in the U.K., Europe, Asia, and Latin America. In addition, former members of the US secret service. 

Throughout the history of cryptocurrencies, critics have portrayed them in a bad light. This is because they view them as a disruptive technology that will revolutionize global finance, as well as global crime. 

To ensure that the industry is under the control of the authorities, strict regulations have been published. 

Binance has proved that blockchain is a valuable tool to use in the fight against cyber law-breaking, as evidenced by its success in this field. Several industrial applications have been demonstrated using the technology, including preventing forgery and enhancing procurement processes.  

There is no anonymity in crypto, centralized exchanges may be able to identify the owners of the addresses. As a user or individual with a majority stake in a blockchain ecosystem and a much-acclaimed proof-of-stake coin, one can rely on their power to lock out funds on the blockchain and ultimately lock users out of their funds.