Muhammad Fahd, a 34-year-old man from Pakistan, was arrested in Hong Kong last year in February at the request of the U.S. government and just extradited to the U.S. on Friday, August 2, 2019.
According to an indictment unsealed Monday, Fahd recruited and paid AT&T insiders working at a call center in Bothell, Washington, more than $1 million in bribes between 2012 and 2017 to help them unlock cell phones associated with specified IMEI numbers that otherwise were not eligible to be removed from AT&T's network.
Some telecommunication companies, including AT&T, Verizon, T-Mobile, and Sprint, sell flagship phones at discounted prices, but it comes with locked SIMs that prevent users from switching their network service for any other telecommunication service.
With his partners in crime at AT&T, Fahd and his co-conspirator Ghulam Jiwani, who is now deceased, ran a successful business where he charged millions of users in return to unlock their devices, enabling them to use a SIM card of any other carrier, domestically or internationally.
Fahd also paid AT&T employees bribes for installing malware on the company's internal computers at the Bothell call center which allowed Fahd to gather confidential and proprietary information on how AT&T's computer network and software applications function.
Apparently using that malware and credentials of his co-conspirator at AT&T, Fahd was able to automatically process unauthorized unlock requests for any cell phone from a remote location.
"After some of the co-conspirators were terminated by AT&T, the remaining co-conspirator employees aided Fahd in developing and installing additional tools that would allow Fahd to use the AT&T computers to unlock cell phones from a remote location," Justice of Department said.
"So far, three of those co-conspirators have pleaded guilty admitting they were paid thousands of dollars for facilitating Fahd's fraudulent scheme."
Later when Fahd was not able to remotely control its malware, he again bribed AT&T employees to install computer hardware devices, including wireless access points, that helped him gain access to AT&T internal network and continue unlocking phones remotely.
🔐 Mastering API Security: Understanding Your True Attack Surface
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!Join the Session
In total, Fahd paid more than $1 million in bribe to AT&T employees, with one employee receiving $428,500 over the five-year scheme, which they receive in their bank accounts or business banking accounts in the name of shell companies created for receiving payments.
The suspect contacted the AT&T employees over the phone, Facebook, or other communication channels and instructed them to obtain prepaid cell phones and anonymous email accounts to communicate with him.
Fahd is charged with a total of 14 counts, which include one count for committing wire fraud, one to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act.
"This defendant thought he could safely run his bribery and hacking scheme from overseas, making millions of dollars while he induced young workers to choose greed over ethical conduct. Now he will be held accountable for the fraud and the lives he has derailed," U.S. Attorney Brian T. Moran said.
The suspect is facing up to 20 years in prison.