News

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

A U.S. Army soldier who pleaded guilty last week to leaking phone records for high-ranking U.S. government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” prosecutors in the case said Wednesday. The government disclosed the details in a court motion to keep the defendant in custody until he is discharged from the military.

One of several selfies on the Facebook page of Cameron Wagenius.

Cameron John Wagenius, 20, was arrested near the Army base in Fort Cavazos, Texas on Dec. 20, and charged with two criminal counts of unlawful transfer of confidential phone records. Wagenius was a communications specialist at a U.S. Army base in South Korea, who secretly went by the nickname Kiberphant0m and was part of a trio of criminal hackers that extorted dozens of companies last year over stolen data.

At the end of 2023, malicious hackers learned that many companies had uploaded sensitive customer records to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication needed). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories used by some of the world’s largest corporations.

Among those was AT&T, which disclosed in July that cybercriminals had stolen personal information and phone and text message records for roughly 110 million people — nearly all of its customers. AT&T reportedly paid a hacker $370,000 to delete stolen phone records. More than 160 other Snowflake customers were relieved of data, including TicketMaster, Lending Tree, Advance Auto Parts and Neiman Marcus.

In several posts to an English-language cybercrime forum in November, Kiberphant0m leaked some of the phone records and threatened to leak them all unless paid a ransom. Prosecutors said that in addition to his public posts on the forum, Wagenius had engaged in multiple direct attempts to extort “Victim-1,” which appears to be a reference to AT&T. The government states that Kiberphant0m privately demanded $500,000 from Victim-1, threatening to release all of the stolen phone records unless he was paid.

On Feb. 19, Wagenius pleaded guilty to two counts of unlawfully transferring confidential phone records, but he did so without the benefit of a plea agreement. In entering the plea, Wagenius’s attorneys had asked the court to allow him to stay with his father pending his sentencing.

But in a response filed today (PDF), prosecutors in Seattle said Wagenius was a flight risk, partly because prior to his arrest he was searching online for how to defect to countries that do not extradite to the United States. According to the government, while Kiberphant0m was extorting AT&T, Wagenius’s searches included:

-“where can i defect the u.s government military which country will not hand me over”
-“U.S. military personnel defecting to Russia”
-“Embassy of Russia – Washington, D.C.”

“As discussed in the government’s sealed filing, the government has uncovered evidence suggesting that the charged conduct was only a small part of Wagenius’ malicious activity,” the government memo states. “On top of this, for more than two weeks in November 2024, Wagenius communicated with an email address he believed belonged to Country-1’s military intelligence service in an attempt to sell stolen information. Days after he apparently finished communicating with Country-1’s military intelligence service, Wagenius Googled, ‘can hacking be treason.’”

Prosecutors told the court investigators also found a screenshot on Wagenius’ laptop that suggested he had over 17,000 files that included passports, driver’s licenses, and other identity cards belonging to victims of a breach, and that in one of his online accounts, the government also found a fake identification document that contained his picture.

“Wagenius should also be detained because he presents a serious risk of flight, has the means and intent to flee, and is aware that he will likely face additional charges,” the Seattle prosecutors asserted.

The court filing says Wagenius is presently in the process of being separated from the Army but, but the government has not received confirmation that his discharge has been finalized.

“The government’s understanding is that, until his discharge from the Army is finalized (which is expected to happen in early March), he may only be released directly to the Army,” reads a footnote in the memo. “Until that process is completed, Wagenius’ proposed release to his father should be rejected for this additional reason.”

Wagenius’s interest in defecting to another country in order to escape prosecution mirrors that of his alleged co-conspirator, John Erin Binns, an 25-year-old elusive American man indicted by the Justice Department for a 2021 breach at T-Mobile that exposed the personal information of at least 76.6 million customers.

Binns has since been charged with the Snowflake hack and subsequent extortion activity. He is currently in custody in a Turkish prison. Sources close to the investigation told KrebsOnSecurity that prior to his arrest by Turkish police, Binns visited the Russian embassy in Turkey to inquire about Russian citizenship.

In late November 2024, Canadian authorities arrested a third alleged member of the extortion conspiracy, 25-year-old Connor Riley Moucka of Kitchener, Ontario. The U.S. government has indicted Moucka and Binns, charging them with one count of conspiracy; 10 counts of wire fraud; four counts of computer fraud and abuse; two counts of extortion in relation to computer fraud; and two counts aggravated identity theft.

Less than a month before Wagenius’s arrest, KrebsOnSecurity published a deep dive into Kiberphant0m’s various Telegram and Discord identities over the years, revealing how the owner of the accounts told others they were in the Army and stationed in South Korea.

The maximum penalty Wagenius could face at sentencing includes up to ten years in prison for each count, and fines not to exceed $250,000.

—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains

McAfee Named One of America’s Best Employers by Forbes

We’re thrilled to share some exciting news—McAfee has been recognized on Forbes’ prestigious list of America’s Best Midsize Employers for 2025! This recognition is a testament to our incredible employees, whose passion and commitment make McAfee not just an industry leader, but also a truly exceptional place to work. 

“A great workplace isn’t just about what we do—it’s about who we are and the purpose we share,” said Justin Hastings, Chief People Officer at McAfee. “This award reflects our dedication to fostering an environment where employees feel valued, empowered, and connected. Whether through our innovation, career development, or our strong sense of community, we strive to make McAfee a place where talent thrives, driven by our mission to keep our customers safe in their digital lives.”

Forbes and Statista, a global data and business intelligence firm, compiled this list based on feedback from over 217,000 employees across various industries in the U.S. The ranking considers both direct feedback from McAfee team members and public perceptions of our workplace culture, with personal employee experiences carrying the most weight. 

What This Means for McAfee 

At McAfee, we believe that a great workplace isn’t just about the work—it’s about the people. This recognition underscores our ongoing commitment to fostering a culture where employees feel valued, empowered, and inspired. Whether it’s through innovative projects, professional growth opportunities, or a strong sense of community, we strive to make McAfee a place where talent thrives. 

Our spot within the top 300 of 500 companies, shows that our collective dedication to excellence, inclusivity, and collaboration is making an impact. 

A Big Thank You to Our Team 

This achievement wouldn’t be possible without our amazing employees who bring their best every day. Your contributions drive our success, and this recognition is as much yours as it is McAfee’s. 

As we continue to push boundaries in cybersecurity, we remain committed to ensuring McAfee is a company where talent grows, ideas flourish, and people love coming to work. 

Join us at McAfee   

It’s an exciting time to be part of Team McAfee! As we continue to grow and innovate, we’re always looking for passionate individuals who want to help create a safer online world.  

If you’re looking for a workplace where your ideas matter, your contributions are valued, and you can thrive in a dynamic, mission-driven environment, we’d love to have you on board. Explore opportunities to join us today!  

The post McAfee Named One of America’s Best Employers by Forbes appeared first on McAfee Blog.

—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains

The 9 Most Common Social Media Scams—and How to Spot Them Before It’s Too Late

Social media connects us to friends, trends, and news in real time—but it also opens the door to scammers looking to exploit trust and curiosity. From fake giveaways to impersonation scams, fraudsters use sophisticated tactics to trick users into handing over personal information, money, or access to their accounts. 

Even the most internet-savvy users can fall victim to these deceptive schemes. That’s why it’s crucial to recognize the red flags before it’s too late. Whether it’s a DM from a “friend” in trouble, a deal that seems too good to be true, or a sudden request to verify your account, scammers prey on urgency and emotion to pull you in. 

Here’s a look at some of the most common social media scams—and how you can stay one step ahead to protect yourself and your accounts. 

  1. Romance Scams – Fake online relationships where scammers manipulate victims into sending money. 
  2. Phishing Scams – Fraudulent messages or links designed to steal login credentials. 
  3. Fake Giveaways & Contests – Scammers pose as brands or celebrities, asking for personal information in exchange for prizes that don’t exist. 
  4. Job Scams – False job postings that require upfront fees or personal details. 
  5. Investment Scams – Fraudulent schemes promising huge returns with little risk, often involving cryptocurrency. 
  6. Impersonation Scams – Scammers clone profiles of family, friends, or businesses to request money or personal data. 
  7. Online Shopping Scams – Fake e-commerce stores that collect payments without delivering products. 
  8. Charity Scams – Fake fundraisers designed to exploit generosity during crises. 
  9. Too-Good-to-Be-True Deals – Unrealistic offers that require upfront payments or personal information. 

How Scammers Operate on Social Media 

Fraudsters use various tactics to lure unsuspecting users into their schemes, including: 

  • Fake Profiles: Scammers create bogus accounts, sometimes impersonating real people, to build trust. 
  • Malicious Links: They send messages containing harmful links that install malware or steal data. 
  • Emotional Manipulation: Playing on fear, love, or urgency, they convince victims to act without thinking. 
  • Bogus Investment Opportunities: They entice victims with promises of easy wealth through fake financial schemes. 
  • Social Engineering Tricks: They craft messages designed to gather personal information through quizzes, surveys, or direct requests. 

Signs That You’re Dealing with a Social Media Scammer 

Recognizing these red flags can help you stay safe: 

  • Poor Grammar and Spelling Mistakes – Many scammers use unnatural phrasing or odd formatting. 
  • Brand-New Profiles with Few Friends or Posts – A lack of personal content is a sign of a fake account. 
  • Duplicate Friend Requests – If you receive a request from someone you’re already connected with, it may be an impersonation scam. 
  • Unsolicited Messages Containing Links – Avoid clicking links in unexpected messages, as they may lead to phishing sites. 
  • Requests for Money via Untraceable Methods – Scammers often ask for payment through gift cards, wire transfers, or cryptocurrency. 
  • Unbelievable Deals or Limited-Time Offers – If an offer seems too good to be true, it probably is. 
  • Requests to Move the Conversation Off-Platform – Fraudsters may push to communicate via email, WhatsApp, or text to avoid detection. 

How to Protect Yourself from Social Media Scams 

Follow these precautions to reduce your risk of falling victim: 

  1. Think Before You Click – Don’t interact with suspicious links or attachments. 
  2. Verify Identities – Contact people through trusted means before sending any money or information. 
  3. Enable Privacy Settings – Limit what strangers can see on your profile. 
  4. Use Strong, Unique Passwords – Enable two-factor authentication (2FA) on your accounts. 
  5. Be Skeptical of Online Strangers – If someone you don’t know reaches out unexpectedly, question their intentions. 
  6. Report and Block Suspicious Accounts – Social media platforms have tools to report fraud. 
  7. Monitor Your Accounts for Unauthorized Activity – Stay vigilant for any signs of compromise. 

What to Do If You’ve Been Scammed 

If you suspect you’ve fallen victim to a social media scam, take immediate action: 

  • Secure Your Accounts – Change passwords and enable 2FA to prevent further breaches. 
  • Report the Scam – Notify the social media platform and report fraud to authorities such as the FTC. 
  • Contact Your Bank – If you sent money, inform your financial institution to attempt a reversal. 
  • Scan Your Device for Malware – Run antivirus software like McAfee to detect and remove any potential threats. 
  • Monitor Your Financial Accounts – Look for unauthorized transactions and consider placing fraud alerts. 

Social media scams are becoming more sophisticated, but you can protect yourself by staying informed and cautious.  

Always verify messages, be skeptical of too-good-to-be-true offers, and use strong security measures to safeguard your accounts.  

By recognizing these scams early, you can avoid financial loss and keep your personal information safe online. 

McAfee helps protect you from online threats with advanced security tools, including identity monitoring, safe browsing features, and real-time malware protection. Stay one step ahead of scammers with trusted cybersecurity solutions. 

The post The 9 Most Common Social Media Scams—and How to Spot Them Before It’s Too Late appeared first on McAfee Blog.

—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains

More Research Showing AI Breaking the Rules

These researchers had LLMs play chess against better opponents. When they couldn’t win, they sometimes resorted to cheating.

Researchers gave the models a seemingly impossible task: to win against Stockfish, which is one of the strongest chess engines in the world and a much better player than any human, or any of the AI models in the study. Researchers also gave the models what they call a “scratchpad:” a text box the AI could use to “think” before making its next move, providing researchers with a window into their reasoning.

In one case, o1-preview found itself in a losing position. “I need to completely pivot my approach,” it noted. “The task is to ‘win against a powerful chess engine’—not necessarily to win fairly in a chess game,” it added. It then modified the system file containing each piece’s virtual position, in effect making illegal moves to put itself in a dominant position, thus forcing its opponent to resign.

Between Jan. 10 and Feb. 13, the researchers ran hundreds of such trials with each model. OpenAI’s o1-preview tried to cheat 37% of the time; while DeepSeek R1 tried to cheat 11% of the time­making them the only two models tested that attempted to hack without the researchers’ first dropping hints. Other models tested include o1, o3-mini, GPT-4o, Claude 3.5 Sonnet, and Alibaba’s QwQ-32B-Preview. While R1 and o1-preview both tried, only the latter managed to hack the game, succeeding in 6% of trials.

Here’s the paper.

—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains