Cameron John Wagenius, 21, has pleaded guilty to his role in a hacking and extortion operation that targeted at least 10 organizations, including several telecommunications companies. While actively serving in the U.S. Army, Wagenius operated online under the alias “kiberphant0m” and worked alongside co-conspirators to break into corporate networks and steal sensitive data.
Using tools like SSH Brute, Wagenius gained unauthorized access to company systems, often sharing stolen credentials through private Telegram chats. Once inside, he threatened to expose the compromised data unless the victims paid up. These threats were made both privately and through public cybercrime platforms such as BreachForums and XSS, where he also advertised stolen data for sale.
Some of the stolen information was successfully sold, while other data was used to carry out additional fraud schemes, including SIM-swapping attacks. In total, he tried to extort at least $1 million from various victims.
Wagenius is scheduled to be sentenced on October 6. He faces serious consequences:
- Up to 20 years in prison for conspiracy to commit wire fraud
- Up to 5 years in prison for extortion related to computer fraud
- A mandatory 2-year sentence for aggravated identity theft, which must be served consecutively to any other time imposed.
The forum images are some of Wagenius' claims on BreachForums and XSS.
![IOC Alert: Lumma Stealer C2 Domain Identified – larpfxs[.]top](/content/images/size/w1304/format/webp/2025/08/23985762398576198764252-1.jpg)
