- A former soldier has pleaded guilty to a series of charges
- These include fraud, identity theft and conspiracy of hacke organizations
- The soldier and his co-conspirators excellent and sold data from companies
The Ministry of Justice has announced that an ex-soldier has pleaded not guilty to ‘conspiring to hack to the telecommunications companies’ databases, access-sensitive items and press the telecommunications companies by threatening to release the stolen data unless ransom was paid.’
The 21 -year -old soldier, named as Cameron John Wagenius, used online accounts under the pseudonym “Kiberphan0m”. Wagenius admitted to having conspired with others to blame ‘at least 10’ organizations by stealing login -credentials obtained through a hacking tool called SSH Brute.
Once data was ex -filtered, the group used the access to extort victims, threatened to place stolen data on cybercrime forums and offer to sell the data to other cyber criminals through forums. These allegedly occurred while Wagenius actively served in the US military.
Pressed data
Some of this data were successfully sold and allegedly used to commit other fraudulent campaigns, including the SIM turn. The group tried to extract at least $ 1 million from their victims.
The crimes Wagenius pleaded guilty were; Extortion in relation to computer fraud, conspiracy to commit wire fraud and exacerbated identity theft. Wagenius has previously pleaded not guilty to two counts of “illegal transfer of confidential telephone recording information in connection with this conspiracy.”
Wagenius’ activity has been linked to the snowflake hack, where hundreds of customers were affected and significant data were stolen. This attack was reportedly financially motivated and stems from a group that blackmailed money in exchange for their stolen data.
Snowflake confirmed that the violation was the result of a successful credentials of information – where a threat actor had entered countless login combinations (usually bought the black market) until you eventually work. Credential Suffing attacks are potent and effective and have led to some of the most notorious violations in the last few years.
