TZUTC: -0500
MSGID: 1242.consprcy@1:2320/105 2cde3ee5
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
US Army soldier pleads guilty to hacking telcos, extortion, wire fraud,
identity theft

Date:
Wed, 16 Jul 2025 17:02:00 +0000

Description:
An ex-soldier faces up to 20 years for various fraudulent charges.

FULL STORY

The Department of Justice has announced that an ex-soldier has plead guilty 
to conspiring to hack into telecommunications companies databases, access
sensitive records, and extort the telecommunications companies by threatening
to release the stolen data unless ransoms were paid. 

The 21 year old soldier, named as Cameron John Wagenius, used online accounts
under the pseudonym kiberphan0m. Wagenius admitted to conspiring with others
to defraud at least 10 organizations by stealing login credentials obtained
through a hacking tool called SSH Brute. 

Once data was exfiltrated, the group used the access to extort victims,
threatening to post stolen data on cybercrime forums, and offering to sell 
the data to other cybercriminals through the forums. These allegedly occurred
whilst Wagenius was actively serving in the US military. 

Extorted data

Some of this data was successfully sold, and reportedly used to commit other
fraudulent campaigns, including SIM-swapping. The group attempted to extract
at least $1 million from their victims. 

The crimes Wagenius plead guilty were; extortion in relation to computer
fraud, conspiracy to commit wire fraud, and aggravated identity theft.
Wagenius has previously plead guilty separately to two counts of unlawful
transfer of confidential phone records information in connection with this
conspiracy. 

Wagenius activity has been linked to the Snowflake hack in which hundreds of
customers were affected and significant data was stolen . This attack was
allegedly financially motivated, and originated from a group extorting money
in exchange for their stolen data. 

Snowflake confirmed that the breach was the result of a successful credential
stuffing attack - in which a threat actor had entered countless login
combinations (usually purchased off the black market) until one eventually
works. Credential stuffing attacks are potent and effective, and have led to
some of the most notorious breaches in the last few years.

======================================================================
Link to news story:
https://www.techradar.com/pro/security/us-army-soldier-pleads-guilty-to-hackin
g-telcos-extortion-wire-fraud-identity-theft

$$
--- SBBSecho 3.28-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 664
SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426