A former US Army soldier, who reportedly hacked AT&T, bragged about accessing President Donald Trump’s call logs, and then Googled “can hacking be treason,” and “US military personnel defecting to Russia,” pleaded guilty to conspiring to break into telecom firms’ databases and extort at least $1 million.
Cameron John Wagenius, 21, who used the nickname “kiberphant0m” online, has pleaded guilty to conspiracy to commit wire fraud, extortion in relation to computer fraud, and aggravated identity theft. Wagenius is scheduled to be sentenced on October 6 and faces over 20 years behind bars if the judge throws the book at him.
Wagenius previously pleaded guilty in a separate case to two counts of unlawful transfer of confidential phone records in connection with this conspiracy.
The telecom hack occurred between April 2023 and December 2024, and during that time, Wagenius and others plotted to defraud at least 10 orgs using stolen credentials to access the phone companies’ networks. All of this happened while Wagenius was on active duty, according to the Justice Department.
Wagenius and his alleged accomplices used a tool called SSH Brute, among other methods, to obtain the credentials, and after stealing the telecom companies’ data, they extorted the victim organizations both privately and on cybercrime forums such as BreachForums and XSS.is, the DoJ says.
They allegedly offered this data for sale for thousands of dollars, and successfully sold some of it, using these ill-gotten gains to fund other scams, including SIM swapping that could have been used in further attacks.
In total, Wagenius and crew attempted to extort at least $1 million from their victims, the DoJ reports.
“While engaged in these criminal activities, Wagenius conducted online searches about how to defect to countries that do not extradite to the United States and that he previously attempted to sell hacked information to at least one foreign intelligence service,” according to court documents [PDF].
He then bragged online about hacking the telecom providers, and posted call records belonging to public officials and their family members.
While none of these entities are named in the court documents, they reportedly included AT&T, Verizon, Donald Trump, and Kamala Harris.
His search history, according to the court documents, contained phrases such as:
- “Where can I defect [from] the US government military, which country will not hand me over”
- “US military personnel defecting to Russia”
- “Embassy of Russia, Washington DC”
Prosecutors have also linked Wagenius to two other men accused of stealing data from more than 150 Snowflake cloud accounts in April 2024, and then demanding a ransom payment to keep that sensitive information under wraps. ®
Click Here For The Original Source.