16.07.2025
2 min
547
21-year-old former US soldier Cameron Wagenius has pleaded guilty to a series of hacking attacks and attempts to extort more than a million dollars from ten telecom and IT companies, including AT&T and Verizon. The crimes were committed during his active service in the US Army.
According to the US Department of Justice, in 2023-2024, Wagenius, known on the darknet as *kiberphant0m*, used the self-written SSH Brute tool and Telegram groups to hack into the internal systems of large companies. He stole credentials, penetrated protected networks, and then demanded ransom, threatening to publish the stolen data on the BreachForums and XSS.is forums. Some of this data was sold, and the rest was used for further fraudulent activities, including SIM-swapping.
He also sent ultimatums to his victims, including threatening to leak 358 GB of confidential information unless he was paid $500,000 in cryptocurrency. As a result of a pretrial agreement, he pleaded guilty to all three counts: conspiracy to commit fraud, extortion, and identity theft.
In December 2024, Wagenius was arrested in Texas. It turned out that he did not act alone – the investigation identified a group of individuals who coordinated the attacks, collected credentials, and sold or published the stolen information. In a previous trial, he had already pleaded guilty to transferring confidential phone records. The case was prosecuted by the FBI in conjunction with DCIS (Defense Criminal Investigation Service), with assistance from military investigators, Texas prosecutors, and private intelligence groups.
The case is another warning to the telecom industry: even military personnel can be part of criminal hacking groups that use their professional skills and privileged access to commit crimes. Wagenius faces up to 27 years in prison, and his sentencing is scheduled for October 6. In an era where data leaks are happening every week, it is critical to rethink security policies, internal threat monitoring, and employee accountability.
