Nabbed and extradited from Hong Kong in 2019, Muhammad Fahd carried out a phone unlocking scheme with the help of AT&T employees for seven years. On September 21, Fahd, who could’ve carried out additional attacks, was awarded 12 years in prison.
A United States court has sentenced the main perpetrator of a seven-year fraud operation to 12 years in prison. The perpetrator, a Pakistani and Grenadian national, carried out a phone-unlocking and malware ploy that targeted telecom major AT&T.
According to the U.S. Department of Justice, Muhammad Fahd and his co-conspirators unlocked over 1.9 million phonesOpens a new window to defraud AT&T. In total, Fahd’s actions, which involved bribing AT&T customer service representatives, led to $200 million in losses for the telecom carrier.
Fahd’s actions were deemed a “terrible cybercrime over an extended period†by the U.S. District Judge Robert S. LasnikOpens a new window for the Western District of Washington. “Beginning in 2012, Fahd, 35, conspired with others to recruit AT&T employees at a call center located in Bothell, Washington, to unlock large numbers of cellular phones for profit,†the U.S. DoJ noted in a press release.
“Fahd recruited and bribed AT&T employees to use their AT&T credentials to unlock phones for ineligible customers. Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan. In September 2020, he pleaded guilty to conspiracy to commit wire fraud.â€
Cellular phones are usually shielded from threats through a layer of protection provided by network carriers such as AT&T. Fahd was able to bypass this protection after obtaining credentials from AT&T insiders, who he recruited over Facebook between the summer of 2012 and April 2013. Fahd’s Facebook alias, the investigations revealed, was one ‘Frank Zhang.’
Locked AT&T phones are mainly offered as a way to make cell phones more affordable to consumers, who can pay AT&T in installments. When a phone is locked, the consumer cannot use any other network on the device and necessarily have to pay the cost of the subsidized phone back to the carrier.
Fahd’s accomplices at AT&T were bribed handsomely (approximately $1 millionOpens a new window ) for carrying out the malicious activities that included unlocking AT&T phones as well as recruiting fellow employees to help in the scheme. Unlocking phones releases users from AT&T services, payment plans, and the overarching covenant that is a stream of revenue for the company. It ultimately cost AT&T over $200 million in lost revenue.
See Also: SEC Charges App Annie $10M for Securities Fraud, Sets Precedent for Strong Data Laws
Things went awry in the spring of 2013 after AT&T implemented a new unlocking system after discovering the issue. With his recruits unable to unlock cell phones under the new system, Fahd had to get creative, for which he hired a software developer. With the developer’s help, Fahd got his hands on a custom-made malware.
Once again, AT&T employees assisted Fahd in provisioning information relevant to AT&T’s computer system and unlocking procedures to tailor the malware to AT&T-specific unlocking needs and then installing the malware. Not only could this malware be used to unlock phones more efficiently and in larger numbers, but it could also be installed on AT&T’s computer system without authorization.
Bidding for Fahd, these AT&T insiders set up fake businesses bank accounts “to receive payments and to create fictitious invoices for every deposit made into the fake businesses’ bank accounts to create the appearance that the money was payment for genuine services.†Some of the shell companies included Swift Unlocks Inc, Endless Connections Inc, iDevelopment Co, and Endless Trading FZE.
Fahd was arrested in Hong Kong in February 2018 and was extradited to the U.S.Opens a new window in August 2019. Three AT&T call center employees from Bothell, Washington, have already pleaded guilty and agreed to pay the money back to AT&T.
AT&T told GeekWireOpens a new window back in 2015, “We’re seeking damages and injunctive relief from several people who engaged in a scheme a couple of years ago to illegally unlock wireless telephones used on our network. It’s important to note that this did not involve any improper access of customer information, or any adverse effect on our customers.â€
Going by Fahd’s actions, it is clear that his only motive was to earn money by fraud and not instigate ransomware attacks. The $200,620,698 (out of $201,497,430.94) that Fahd managed to steal is ordered to be restituted by Judge Lasnik. The difference was covered by the bribes to AT&T employees.
Let us know if you enjoyed reading this story on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!