A US Army soldier has been arrested on suspicion of extorting money from AT&T and Verizon, following data breaches which saw a huge quantity of customer data obtained.
The 20-year-old was arrested near the Army base in Fort Hood, Texas, on suspicion of being the cybercriminal known as Kiberphant0m – and statements by his mother aren’t likely to help …
The indictment doesn’t reference specific cases, but Krebs on Security ties the arrest to the AT&T and Verizon hacks, largely due to statements by the accused’s mother.
Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon […]
Cameron John Wagenius, 20, was arrested […] on Dec. 20, after being indicted on two criminal counts of unlawful transfer of confidential phone records.
The sparse, two-page indictment (PDF) doesn’t reference specific victims or hacking activity, nor does it include any personal details about the accused. But a conversation with Wagenius’ mother — Minnesota native Alicia Roen — filled in the gaps.
Roen said that prior to her son’s arrest he’d acknowledged being associated with Connor Riley Moucka, a.k.a. “Judische,” a prolific cybercriminal from Canada who was arrested in late October for stealing data from and extorting dozens of companies that stored data at the cloud service Snowflake.
The site’s Brian Krebs had previously identified evidence from chat logs that Kiberphant0m was a US soldier stationed in South Korea.
Moucka was arrested back in November, and has been indicted on 20 counts. The report suggests that Moucka was the primary hacker, while the main role of Wagenius was to obtain money from the data.
Massive AT&T data breach
One of the ransom demands appears to relate to a massive data breach at AT&T, in which personal details were obtained for almost every customer the carrier had at the time.
In an incredible security fail, the stolen data includes not only customer phone numbers, but also records of who contacted whom – a potential privacy minefield […]
To make matters worse, hackers were also able to obtain cell site identification numbers for some of the calls and texts – which can show the locations of customers to an accuracy of around 300 feet in some areas.
It was later reported that AT&T paid a ransom of $373k in Bitcoin in return for the deletion of the data.
The carrier said the data was obtained from a third-party cloud platform, and this is now believed to be Snowflake – where data from other companies was also obtained. This includes the personal data of 560M Ticketmaster customers.
Wired provides evidence that AT&T paid a ransom to the hacker in return for them deleting the data. The hacker initially demanded $1M in Bitcoin, and the amount finally paid was the equivalent of $373k.
Verizon call logs
The other demand appears to relate to Verizon call logs.
On Nov. 5, Kiberphant0m offered call logs stolen from Verizon’s push-to-talk (PTT) customers — primarily U.S. government agencies and emergency first responders. On Nov. 9, Kiberphant0m posted a sales thread on BreachForums offering a “SIM-swapping” service targeting Verizon PTT customers. In a SIM-swap, fraudsters use credentials that are phished or stolen from mobile phone company employees to divert a target’s phone calls and text messages to a device they control.
The indictment against Wagenius has been transferred to the Western District of Washington in Seattle.