A 21-year previous former U.S. Military soldier pleaded responsible to fees of hacking and extorting at the least ten telecommunications and know-how firms within the nation.
Cameron John Wagenius was arrested in Texas on December 20, 2024 and indicted within the Western District of Washington on two counts of illegal switch of confidential telephone data.
In February 2025, the person pleaded responsible to hacking AT&T and Verizon, for which Connor Moucka and John Binnswere had been indicted in November 2024, linking their actions to the main Snowflake hacking incident.
In response to the most recent U.S. DoJ announcement, Wagenius was energetic within the underground our on-line world between 2023 and 2024 underneath the aliases ‘kiberphant0m’, ‘cyb3rph4nt0m’, and ‘buttholio’.
He conspired with others to steal login credentials, entry delicate IT programs, and demand ransom funds from breached telecommunication corporations underneath the specter of leaking stolen knowledge on cybercrime boards equivalent to BreachForums and XSS.is.
“Between April 2023 and Dec. 18, 2024, Cameron John Wagenius, 21, used on-line accounts related to the nickname “kiberphant0m” and conspired with others to defraud at the least 10 sufferer organizations by acquiring login credentials for the organizations’ protected laptop networks,” reads the U.S. DoJ announcement.
“The conspirators obtained these credentials utilizing a hacking instrument that they known as SSH Brute, amongst different means.”
“They used Telegram group chats to switch stolen credentials and focus on gaining unauthorized entry to sufferer firms’ networks.”
Wagenius and his co-conspirators additionally engaged in SIM-swapping and introduced stolen knowledge gross sales on mentioned boards, making an attempt extortion for as much as $1 million.
It has been confirmed that the risk actors efficiently offered a few of this knowledge to different cybercriminals or used it to perpetrate additional fraud.
The authorities underline that Wagenius carried out these actions whereas he was on energetic responsibility with the U.S. Military.
Wagenius was indicted on July 14th for wire fraud conspiracy, aggravated id theft, and extortion in relation to laptop fraud.
A message he left one of many victims threatened with leaking greater than 358GB of knowledge until the group contacted him to barter a ransom cost. In an e-mail to a different sufferer firm, Wagenius requested for $500,000 in cryptocurrency.
A day after the indictment, Wagenius entered a plea settlementadmitting guilt on all three fees.
Based mostly on these fees, the person faces a doable most sentence of as much as 27 years in jail.
The punishment will probably be selected October 6, and it could additionally embrace further time for Wagenius’ earlier responsible plea for 2 counts of illegal switch of confidential telephone data data in regards to the separate case.
Whereas cloud assaults could also be rising extra subtle, attackers nonetheless succeed with surprisingly easy methods.
Drawing from Wiz’s detections throughout hundreds of organizations, this report reveals 8 key methods utilized by cloud-fluent risk actors.
