A former U.S. Army soldier has admitted to a sweeping hacking and extortion scheme that targeted some of America’s largest telecommunications companies.
On Tuesday, the Department of Justice announced that Cameron John Wagenius, who operated online under the alias “kiberphant0m,” pleaded guilty to hacking into multiple telecom providers and threatening to release stolen data if companies didn’t meet his demands.
According to prosecutors, Wagenius conspired with others to attack 10 victim companies, stealing login credentials through brute-force attacks and other hacking techniques. He then trafficked the stolen credentials and discussed breaches in Telegram group chats, effectively running a shadow marketplace for illicit access.
The scheme didn’t stop at data theft. Prosecutors say Wagenius and his collaborators attempted to extort victims both privately and publicly, posting threats and offers to sell stolen information on popular hacking forums, including the notorious BreachForums. The group also sold portions of the data and used stolen credentials to carry out other crimes, such as SIM swapping, which can allow attackers to hijack a person’s phone number and access their accounts.
Earlier this year, Wagenius admitted to hacking into AT&T and Verizon, compromising massive troves of call records in the process.
Authorities have also linked Wagenius to a series of breaches stemming from the hack of cloud computing giant Snowflake, although details of those incidents weren’t included in the plea announcement.
Wagenius is scheduled to be sentenced on October 6 and faces up to 20 years in prison, the DOJ said.
Also Read : Google Inks $3B Deal to Power Data Centers with Hydropower from Brookfield
