18, 2024, Cameron John Wagenius, 21, used online accounts associated with the nickname “kiberphant0m” and conspired with others to defraud at least 10 victim organizations by obtaining login credentials for the organizations’ protected computer networks,” reads the U.S. DoJ announcement. Cameron John Wagenius was arrested in Texas on December 20, 2024 and indicted in the Western District of Washington on two counts of unlawful transfer of confidential phone records. In February 2025, the man pleaded guilty to hacking AT&T and Verizon, for which Connor Moucka and John Binnswere had been indicted in November 2024, linking their activities to the major Snowflake hacking incident. A message he left one of the victims threatened with leaking more than 358GB of data unless the organization contacted him to negotiate a ransom payment. In an email to another victim company, Wagenius asked for $500,000 in cryptocurrency. The punishment will be decided on October 6, and it may also include additional time for Wagenius’ previous guilty plea for two counts of unlawful transfer of confidential phone records information concerning the separate case. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. Wagenius was indicted on July 14th for wire fraud conspiracy, aggravated identity theft, and extortion in relation to computer fraud. According to the latest U.S. DoJ announcement, Wagenius was active in the underground cyberspace between 2023 and 2024 under the aliases 'kiberphant0m', 'cyb3rph4nt0m', and 'buttholio'. Wagenius and his co-conspirators also engaged in SIM-swapping and announced stolen data sales on said forums, attempting extortion for up to $1 million.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 16 Jul 2025 21:05:16 +0000