AT&T employees bribed with over $1 million to unlock 2 million mobile phones

• The fraudster bribed AT&T employees to install malicious software on AT&T computers which will collect the required information to create additional malware that would be used to “process fraudulent and unauthorized unlock requests” from remote servers.
• Additionally, the hardware devices installed on AT&T’s internal network gave the fraudster unauthorized access to the company’s computers.

What’s the matter?

A fraudster paid AT&T employees hundreds of thousands of US dollars to unlock mobile phones and install unauthorized tools and devices on the company's internal network for over five years between 2012 and 2017.

A detailed picture

The fraudster named Mohamed Fahd, 34, of Pakistan recruited AT&T employees at the customer service center in Bothell to disable the company’s protection against unlocking phones. This resulted in millions of mobile phones being removed from AT&T’s service or payment plans.

• Disabling protection against unlocking phones can be done via IMEI numbers provided by the fraudster to the employees.
• Apart from this, the malicious software installed on AT&T computers will collect the required information to create additional malware that would be used to “process fraudulent and unauthorized unlock requests” from remote servers.
• Additionally, the hardware devices installed on AT&T’s internal network gave the fraudster unauthorized access to the company’s computers.

Worth noting

• The fraudster totally paid over one million USD to AT&T employees to unlock over 2 million phones.
• One of the co-conspirators received $428,500 through the five-year-long illegal deal.
• While three of the co-conspirators pleaded guilty for taking bribes, some of them were terminated by the company.

Fraudster arrested

The fraudster, Muhammad Fahd has been arrested in Hong Kong on February 4, 2018, and extradited to the U.S. on August 2, 2019, for committing wire fraud, accessing a protected computer, and violating the Travel Act and the Computer Fraud and Abuse Act (CAAA). For these charges, he is expected to receive up to 20 years of imprisonment.

“MUHAMMAD FAHD is charged with conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act,” the DOJ said.