Cameron John Wagenius, 21, a former Army soldier most recently stationed in Texas, pleaded guilty on July 15 to conspiring to hack into telecommunications companies’ databases, access sensitive records, and extort telecommunications companies by threatening to release the stolen data unless ransoms were paid.
According to court documents, between April 2023 and Dec. 18, 2024, Wagenius used online accounts associated with the nickname “kiberphant0m” and conspired with others to defraud at least 10 victim organizations by obtaining login credentials for the organizations’ protected computer networks. The conspirators obtained these credentials using a hacking tool that they called SSH Brute, among other means. They used Telegram group chats to transfer stolen credentials and discuss gaining unauthorized access to victim companies’ networks. This activity happened while Wagenius was on active duty with the U.S. Army.
Wagenius was arrested in December.
After data was stolen, the conspirators extorted the victim organizations both privately and in public forums. The extortion attempts included threats to post the stolen data on cybercrime forums such as BreachForums and XSS.is. The conspirators offered to sell stolen data for thousands of dollars via posts on these forums. They successfully sold at least some of this stolen data and also used stolen data to perpetuate other frauds, including SIM-swapping. In total, Wagenius and his co-conspirators attempted to extort at least $1 million from victim data owners.
Wagenius pleaded guilty to conspiracy to commit wire fraud, extortion in relation to computer fraud, and aggravated identity theft. He is scheduled to be sentenced on Oct. 6 and faces a maximum penalty of 20 years in prison for conspiracy to commit wire fraud, a maximum penalty of five years in prison for extortion in relation to computer fraud, and a mandatory two-year sentence consecutive to any other prison time for aggravated identity theft.
Wagenius previously pleaded guilty in a separate case to two counts of unlawful transfer of confidential phone records information in connection with this conspiracy.
Source: U.S. Department of Justice Office of Public Affairs