A US soldier was arrested for leaking presidential call logs

Pierluigi Paganini January 02, 2025

US authorities have arrested soldier Cameron John Wagenius for his alleged involvement in leaking presidential phone records.

US authorities arrested Cameron John Wagenius (20), a US Army soldier, suspected of involvement in leaking presidential call logs.

The soldier was arrested in Fort Hood, Texas, he is suspected to be the hacker who using the moniker ‘Kiberphant0m’ leaked and sold call records stolen from AT&T and Verizon.

The man was arrested on December 20 and charged with two counts of unlawful transfer of confidential phone records information.

The journalist Brian Krebs first linked Wagenius to hacks involving top U.S. officials’ call records. A sparse indictment offers no details on allegations, but Krebs linked U.S. Army soldier Cameron Wagenius, allegedly “Kiberphant0m,” to hacking telecoms like AT&T and Verizon, leaks of government call logs, and ties to Canadian hacker “Judische.” His mother, unaware of his hacking, said Wagenius worked in Army network communications in South Korea and had always aspired to serve. The case emerged after threats, data leaks, and SIM-swap offers linked to Kiberphant0m surfaced online.

After Moucka‘s arrest, Kiberphant0m leaked alleged call logs for Trump and Harris, NSA data, Verizon call logs, and offered a SIM-swapping service on BreachForums.

“The sparse, two-page indictment (PDF) doesn’t reference specific victims or hacking activity, nor does it include any personal details about the accused. But a conversation with Wagenius’ mother — Minnesota native Alicia Roen — filled in the gaps.” Krebs wrote.

“Roen said that prior to her son’s arrest he’d acknowledged being associated with Connor Riley Moucka, a.k.a. “Judische,” a prolific cybercriminal from Canada who was arrested in late October for stealing data from and extorting dozens of companies that stored data at the cloud service Snowflake.

In an interview with KrebsOnSecurity, Judische said he had no interest in selling the data he’d stolen from Snowflake customers and telecom providers, and that he preferred to outsource that to Kiberphant0m and others. Meanwhile, Kiberphant0m claimed in posts on Telegram that he was responsible for hacking into at least 15 telecommunications firms, including AT&T and Verizon.”

Kiberphant0m claimed on Telegram to have hacked 15 telecom firms, including AT&T and Verizon.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, US soldier)

AT&T Cybercrime Hacking hacking news information security news IT Information Security Pierluigi Paganini Security Affairs Security News SnowFlake US Army US soldier Verizon

Pierluigi Paganini July 18, 2025

LameHug: first AI-Powered malware linked to Russia’s APT28

Pierluigi Paganini July 18, 2025