The United States arrested a US Army soldier and charged him with being part of a hacking scheme to sell and distribute stolen phone records. An indictment alleges that Cameron John Wagenius, 20, knowingly sold “confidential telephone records” through online forums and other communication platforms last November.
The indictment does not detail the pirated material, but KrebsOnSecurity information that Wagenius appears to be connected to a series of high-profile data breaches linked to the online alias “Kiberphant0m.” Kiberphant0m claimed to have hacked 15 telecommunications companies and was working with the person allegedly behind the Snowflake data breaches to sell the stolen information.
In November, Kiberphant0m published what it claimed were AT&T call records of President-elect Donald Trump and Vice President Kamala Harris. It's unclear whether the data was genuine, but AT&T suffered a major theft of customer data as part of the Snowflake account breaches last year. In 2023, the hacker is also alleged to have sold “remote access credentials for a major US defense contractor,” according to krebs.
krebs reports that Wagenius worked in communications at an army base in South Korea. After the alleged leak of Trump and Harris data, krebs did a deep dive in Kiberphant0m's online communications and identified that he was likely an American soldier. In this latest report, krebs spoke with Wgenius' mother, who confirmed his connection to the alleged Snowflake hacker.
Cybersecurity experts were reportedly harassed for trying to trace Kiberphant0m's identity, leading to this incredible quote from Allison Nixon, a senior researcher at cybersecurity firm Unit 221B, who was part of the work. “Anonymously extorting the president and vice president as a member of the military is a bad idea,” Nixon said. krebs“but it's an even worse idea to harass people who specialize in anonymizing cybercriminals.”
