The Justice Department says the U.S. extradited a Pakistani man from Hong Kong after he allegedly bribed AT&T employees to unlock more than 2 million cellphones. Over five years, these AT&T “insiders” received more than a million dollars to “fraudulently” unlock the company’s phones, which allowed buyers to avoid using AT&T as a provider.

“The object … was to sell members of the public the resulting ability fraudulently to unlock phones, so that members of the public could stop using AT&T wireless services and therefore deprive AT&T of the stream of payments it was owed under customers’ service contracts and installment plans,” an indictment unsealed Monday in the Western District of Washington state, said.

Between 2013 and 2017, Muhamad Fahd, 34,  allegedly committed the crimes of bribing AT&T employees at a call center in Bothell, Washington, to “use their network credentials and exceed their authorized access to AT&T’s computers to submit large numbers of fraudulent and unauthorized unlock requests on behalf of the conspiracy and to install malware and unauthorized hardware on AT&T’s systems,” according to the indictment.

“This defendant thought he could safely run his bribery and hacking scheme from overseas, making millions of dollars while he induced young workers to choose greed over ethical conduct,” Brian Moran, the U.S. attorney for the Western District of Washington, said in a statement. “Now he will be held accountable for the fraud and the lives he has derailed.”

By unlocking the cellphones, they could then be used for other carriers, leading to an illegal enterprise. In just one instance, an unlocked iPhone XR currently retails for $749, but if it is connected to the phone network’s plan, customers pay a fraction of that cost in the form of monthly installments. By unlocking these phones that were connected to AT&T, prosecutors say the conspiracy cost the phone company more than $9.5 million.

The company has been “working closely with law enforcement since this scheme was uncovered to bring these criminals to justice and are pleased with these developments,” according to a statement to ABC News.One employee was allegedly paid $428,500 over the five-year scheme.

The AT&T insiders allegedly planted malware on computers that allowed Fahd to log into AT&T’s “internal protected computers under false pretenses and to process fraudulent and authorized unlock request,” from a remote location, the indictment says. In addition to a malware, the DOJ alleges that the AT&T employees were bribed to also use their physical access points to install hardwired devices to give Fahid remote access to internal “protected computers,” so that he could study the company’s processes.

This arrest illustrates what can be achieved when the victim of a cyber-attack partners quickly and closely with law enforcement,”  Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division said in a statement. “When companies that fall prey to malware work with the Department of Justice, no cybercriminal—no matter how sophisticated their scheme—is beyond our reach.”

According to the DOJ, AT&T investigators caught on to his scheme in 2013, in which the employees who were helping Fahd left the company, although he still recruited additional employees to conspire with him.

“Fahd … began programming hardware devices designed to facilitate unauthorized access to AT&T’s internal protected network for the purpose of processing authorized unlock requests,” the indictment reads. Once “perfecting” the devices, Fahd would give the phones to the AT&T employees that he was bribing and they would then plug them into the internal network “without authorization to facilitate the unlocking of phones.”

Fahd has been charged with conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act. Another man, who is now deceased, was responsible for paying the bribes and gathering the IMEI numbers (similar to serial numbers which the two needed in order to have the AT&T employees unlock it) was also charged.

Leave a Reply