Ex-Soldier ‘kiberphant0m’ Admits Telecom Hack & Extortion

SEATTLE – A former U.S. Army soldier, Cameron John Wagenius, 21, admitted today to orchestrating a brazen hacking and extortion scheme targeting multiple telecommunications companies. The scheme, conducted while Wagenius was still on active duty and operating under the online alias “kiberphant0m,” involved the theft of sensitive data and attempts to squeeze millions of dollars from the victims.

Between April 2023 and December 18, 2024, Wagenius, most recently stationed in Texas, conspired with others to infiltrate the protected computer networks of at least ten organizations. Court documents reveal the use of a hacking tool dubbed “SSH Brute” to obtain login credentials. The conspirators communicated and shared stolen information via Telegram group chats, meticulously planning their attacks and access to victim companies’ systems.

The operation wasn’t just about access; it was about profit. After successfully stealing data, the group turned to extortion, threatening to publicly release the stolen information on notorious cybercrime forums like BreachForums and XSS.is. They actively offered the stolen data for sale, demanding thousands of dollars per dataset. While the full extent of their sales remains under investigation, authorities confirm they successfully sold at least *some* of the compromised data and further exploited it through related crimes like SIM-swapping.

The scope of the attempted extortion is staggering. Wagenius and his co-conspirators brazenly sought to extract at least $1 million from the data owners. Acting Assistant Attorney General Matthew R. Galeotti of the Justice Department’s Criminal Division, Acting U.S. Attorney Teal Luthy Miller for the Western District of Washington, Special Agent in Charge W. Mike Herrington of the FBI Seattle Field Office, and Special Agent in Charge Kenneth DeChellis of the Department of Defense Office of Inspector General, DCIS, Cyber Field Office jointly announced the guilty plea.

Wagenius pleaded guilty to three federal charges: conspiracy to commit wire fraud, extortion in relation to computer fraud, and aggravated identity theft. He is scheduled for sentencing on October 6, 2025. He faces a maximum of 20 years for the wire fraud conspiracy, up to five years for the extortion charge, and a *mandatory* consecutive two-year sentence for the aggravated identity theft. This is in addition to a previous guilty plea to two counts of unlawful transfer of confidential phone records information related to the same conspiracy. A federal judge will determine the final sentence, considering sentencing guidelines and other legal factors.

The investigation was spearheaded by the Federal Bureau of Investigation and the Defense Criminal Investigative Service, with vital support from the U.S. Army’s Criminal Investigative Division, the U.S. Attorney’s Office for the Western District of Texas, and the National Security Cyber Section. Private sector firms Flashpoint and Unit 221B also contributed to the investigation. The prosecution is being handled by Assistant U.S. Attorney Sok Tea Jiang, along with Senior Counsel Louisa Becker and Trial Attorney George Brown of the Justice Department’s Computer Crime and Intellectual Property Section. This case serves as a stark reminder that even those sworn to protect can become perpetrators of digital crime.