What are the key takeaways from this Darknet Diaries episode?

Key insights include: **Data broker exploitation method:** Hieu hacked data brokers using SQL injection and file upload vulnerabilities, then stole customer login credentials to access databases containing 200 million US citizen records. He cycled through 5,000 stolen accounts to avoid detection, spreading searches across multiple legitimate user accounts to prevent billing anomalies.; **Business model arbitrage:** Hieu purchased data from Court Ventures at 14 cents per search through API access, then resold identical information for $1 per search on his darknet site. This generated $120,000 monthly revenue with $35,000 in costs, creating a sustainable 71% profit margin business for two years before detection.; **Tax fraud ecosystem:** Criminals used Hieu's identity lookups to file fraudulent tax returns, obtaining refund checks by impersonating victims with stolen Social Security numbers and address histories. The IRS loses billions annually to this scheme because verification systems fail to detect duplicate filings before issuing refund checks to criminals.

What did Hieu Minh Roh discuss on Darknet Diaries?

Vietnamese hacker Hieu Minh Ngo built a darknet identity marketplace selling 3 million US citizen records from data brokers LocatePlus, Microbilt, and Court Ventures, generating over $3 million before Secret Service arrested him in Guam using an elaborate sting operation. Key topics include: **Data broker exploitation method:** Hieu hacked data brokers using SQL injection and file upload vulnerabilities, then stole customer login credentials to access databases containing 200 million US citizen records. He cycled through 5,000 stolen accounts to avoid detection, spreading searches across multiple legitimate user accounts to prevent billing anomalies.; **Business model arbitrage:** Hieu purchased data from Court Ventures at 14 cents per search through API access, then resold identical information for $1 per search on his darknet site. This generated $120,000 monthly revenue with $35,000 in costs, creating a sustainable 71% profit margin business for two years before detection..

How long is this episode of Darknet Diaries?

This episode is 93 minutes long. SignalCast provides an AI-generated summary so you can get the key insights in about 3 minutes.

Darknet Diaries

162: Hieu

August 5, 2025

93 min episode · 2 min read

Hieu Minh Roh

Episode

93 min

Read time

2 min

Topics

Fundraising & VC, Sales & Revenue, Software Development

AI-Generated Summary

Published Jan 1, 2026

Key Takeaways

✓Data broker exploitation method: Hieu hacked data brokers using SQL injection and file upload vulnerabilities, then stole customer login credentials to access databases containing 200 million US citizen records. He cycled through 5,000 stolen accounts to avoid detection, spreading searches across multiple legitimate user accounts to prevent billing anomalies.
✓Business model arbitrage: Hieu purchased data from Court Ventures at 14 cents per search through API access, then resold identical information for $1 per search on his darknet site. This generated $120,000 monthly revenue with $35,000 in costs, creating a sustainable 71% profit margin business for two years before detection.
✓Tax fraud ecosystem: Criminals used Hieu's identity lookups to file fraudulent tax returns, obtaining refund checks by impersonating victims with stolen Social Security numbers and address histories. The IRS loses billions annually to this scheme because verification systems fail to detect duplicate filings before issuing refund checks to criminals.
✓CFAA prosecution strategy: Federal prosecutors charged Hieu with violating Computer Fraud and Abuse Act for unauthorized access by impersonating legitimate users, not for the actual identity theft or fraud. This approach achieves 99% conviction rates because terms of service violations are easier to prove than demonstrating criminal intent or conspiracy.
✓Data broker security failures: LocatePlus, Microbilt, and Court Ventures never disclosed their breaches to affected customers or the public, despite Hieu accessing millions of records. These companies face no legal requirement to notify individuals when their personal information is compromised, unlike consumer-facing businesses that must report data breaches under state laws.

What It Covers

Vietnamese hacker Hieu Minh Ngo built a darknet identity marketplace selling 3 million US citizen records from data brokers LocatePlus, Microbilt, and Court Ventures, generating over $3 million before Secret Service arrested him in Guam using an elaborate sting operation.

Key Questions Answered

•Data broker exploitation method: Hieu hacked data brokers using SQL injection and file upload vulnerabilities, then stole customer login credentials to access databases containing 200 million US citizen records. He cycled through 5,000 stolen accounts to avoid detection, spreading searches across multiple legitimate user accounts to prevent billing anomalies.
•Business model arbitrage: Hieu purchased data from Court Ventures at 14 cents per search through API access, then resold identical information for $1 per search on his darknet site. This generated $120,000 monthly revenue with $35,000 in costs, creating a sustainable 71% profit margin business for two years before detection.
•Tax fraud ecosystem: Criminals used Hieu's identity lookups to file fraudulent tax returns, obtaining refund checks by impersonating victims with stolen Social Security numbers and address histories. The IRS loses billions annually to this scheme because verification systems fail to detect duplicate filings before issuing refund checks to criminals.
•CFAA prosecution strategy: Federal prosecutors charged Hieu with violating Computer Fraud and Abuse Act for unauthorized access by impersonating legitimate users, not for the actual identity theft or fraud. This approach achieves 99% conviction rates because terms of service violations are easier to prove than demonstrating criminal intent or conspiracy.
•Data broker security failures: LocatePlus, Microbilt, and Court Ventures never disclosed their breaches to affected customers or the public, despite Hieu accessing millions of records. These companies face no legal requirement to notify individuals when their personal information is compromised, unlike consumer-facing businesses that must report data breaches under state laws.

Notable Moment

When Hieu landed in Guam thinking he was meeting business partners for an API deal, US Customs immediately escorted him to their office with a 10-inch stack of documents proving they knew everything about his operation, ending his belief that operating from Vietnam made him untouchable.

Know someone who'd find this useful?