US Army soldier arrested over data breach extortion of AT&T and Verizon

A U.S. Army soldier has been arrested on suspicion of extorting money from AT&T and Verizon following a massive data leak. customer data get.

The 20-year-old man was arrested near Fort Hood Army Base in Texas on suspicion of cyber criminals Known as Kiberphant0m – and his mother’s statement is unlikely to help…

The indictment does not mention specific cases, but Krebs talks safety The arrests were tied to the AT&T and Verizon hacks thanks in large part to a statement from the defendant’s mother.

Federal authorities have arrested and charged a 20-year-old U.S. Army soldier with Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen from AT&T and Verizon earlier this year […]

Cameron John Vaginius, 20, arrested […] Dec. 20 after being charged with two criminal counts of unlawfully transferring confidential phone records.

The sparse two-page indictment (PDF) does not name specific victims or hackers, nor does it contain any personal details about the defendants. But a conversation with Vaginius’ mother, Minnesota native Alicia Rowan, filled the void.

Roen said that before her son was arrested, he admitted to having ties to Connor Riley Moucka, also known as “Judische,” a prolific cybercriminal from Canada who was convicted of stealing data stored in the clouds of dozens of companies. He was arrested at the end of October after taking the company’s data and extorting it.

Brian Krebs of this website was previously established evidence Judging from the chat history, Kiberphant0m is a US soldier stationed in South Korea.

Moucka was arrested in November and charged with 20 counts. Reports indicate that Moucka was the primary hacker, while Wagenius’ primary role was to extract money from the data.

AT&T massive data breach

One of the ransom demands appears to be related to AT&T suffers massive data breachin which the personal details of nearly every customer the airline had at the time were obtained.

In an incredible security breach, stolen data included not only customer phone numbers but also records of who contacted whom – a potential privacy minefield […]

To make matters worse, hackers were also able to obtain cell site identifiers for some calls and text messages, which can provide customer locations to an accuracy of about 300 feet in some areas.

It was later reported that AT&T paid a ransom of $373,000 in Bitcoin in exchange for deleting the data.

The industry said the data was obtained from a third-party cloud platform, now believed to be Snowflake, which also obtained data from other companies. This includes getting Personal data of 560 million TicketMaster customers.

wired Evidence was provided that AT&T paid the hackers a ransom in exchange for them deleting the data. The hackers initially demanded $1 million in Bitcoin, but eventually paid the equivalent of $373,000.

Verizon call history

Another requirement appears to be related to Verizon call recording.

On November 5, Kiberphant0m made available call records stolen from Verizon Push-to-Talk (PTT) customers, primarily U.S. government agencies and emergency first responders. On November 9, Kiberphant0m published a sales post on BreachForums, offering a “SIM swap” service for Verizon PTT customers. In SIM swapping, scammers use stolen or stolen credentials from mobile phone company employees to transfer a target’s calls and text messages to a device they control.

The indictment against Vaginius has been transferred to the Western District of Washington in Seattle.

photography: Levi Meir Clancy exist Not splashed