Ex-American soldier convicted for cyber blackmail after searching online about hacking being treasonous activities
A 21-year-old former US Army soldier, Cameron John Wagenius, has admitted to his involvement in a wide-ranging hacking and extortion scheme that targeted telecommunications companies. Wagenius, who served at Joint Base Lewis–McChord (JBLM), pleaded guilty to multiple charges related to hacking, extortion, and identity theft.
The hacking group, which included Wagenius, used the pseudonym "kiberphant0m" and conspired to breach into telecommunications companies' databases. They accessed sensitive records and extorted the companies by threatening to release stolen data unless ransoms were paid. The group used a hacking tool called SSH Brute to obtain login credentials for protected networks.
The stolen data, which included records from at least 10 organizations, was then sold or extorted for money on cybercrime forums such as BreachForums and XSS.is. Reports suggest that entities like AT&T, Verizon, former US President Donald Trump, and Vice President Kamala Harris may have been among the victims. However, specific names are not mentioned in the court documents.
Wagenius's actions extend beyond this conspiracy. He is also linked to a group that breached over 150 Snowflake cloud accounts in April 2024, demanding millions in ransom. The group used various methods, including SSH Brute, to obtain the credentials.
After committing these crimes, Wagenius searched online for information about defecting from the US military, including looking up how to defect to Russia and the contact details of the Russian Embassy in Washington, DC.
Wagenius is scheduled to be sentenced on October 6 and faces up to 27 years in prison. He previously pleaded guilty to two counts of unlawful transfer of confidential phone records in a separate case related to this conspiracy.
The telecom hack occurred between April 2023 and December 2024. The ill-gotten gains were used to fund other scams, including SIM swapping that could have been used in further attacks. No information about the outcome of the ransom demands was provided in the court documents.
This case serves as a reminder of the ongoing threats posed by cybercrime and the importance of securing sensitive data. As technology continues to evolve, so too must our efforts to protect ourselves against such threats.
The hacking group, using the pseudonym "kiberphant0m," admits to conspiring with a former US Army soldier, Cameron John Wagenius, in breaching telecom databases and extorting companies. This crime involved using a hacking tool called SSH Brute to obtain login credentials for protected networks, and the stolen data was sold or extorted for money on cybercrime forums.
Wagenius's actions extend beyond this particular conspiracy; he is also linked to a group that breached over 150 Snowflake cloud accounts in April 2024, demanding millions in ransom.
The stolen telecom data potentially impacted entities like AT&T, Verizon, former US President Donald Trump, and Vice President Kamala Harris, though specific names are not mentioned in the court documents.
After committing these crimes, Wagenius searched online for information about defecting from the US military, indicating a possible intent to escape the consequences of his actions. Wagenius faces up to 27 years in prison for his involvement in this cybersecurity incident.
