U.S. Army soldier Cameron John Wagenius has been apprehended and charged by federal authorities over suspicion of exposing stolen AT&T and Verizon customer call records as the threat actor "Kiberphant0m," KrebsOnSecurity reports.
Additional details about the alleged hacking activity were not detailed in the indictment. However, Wagenius' mother, Alicia Roen, disclosed that her son admitted to working for Snowflake hacker Connor Moucka, also known as Judische. After leaking purported AT&T call logs from President-elect Donald J. Trump and Vice President Kamala Harris, as well as a National Security Agency data schema, immediately after the arrest of Moucka in late October, Kiberphant0m proceeded to publish exfiltrated call logs from Verizon push-to-talk clients, which included U.S. government agencies, and disclose a SIM swapping service aimed at such customers over at BreachForums in early November. Such a crackdown on Kiberphant0m's identity was noted by Unit 221B Chief Research Officer Allison Nixon to be indicative of law enforcement's increasingly efficient and effective cybercriminal identification process. "Between when we, and an anonymous colleague, found his opsec mistake on November 10th to his last Telegram activity on December 6, law enforcement set the speed record for the fastest turnaround time for an American federal cyber case that I have witnessed in my career," said Nixon.
