[TheRecord] Man who bribed AT&T employees to install malware on the company’s network gets 12 years in prison

A Pakistani man who bribed AT&T employees to install malware on the company’s internal network has been sentenced today to 12 years in prison after he illegally unlocked more than 1.9 million phones, causing the US telco losses in excess of $201 million.

Muhammad Fahd, 35, a citizen of Pakistan and Grenada, paid more than $1 million in bribes to AT&T employees in the mid-2010s, according to court documents.

Working with a now-deceased co-conspirator, Fahd began his scheme in the summer of 2012 when he approached AT&T employees working in the company’s call center in Bothell, Washington.

Using Facebook as a means to communicate, Fahd promised large payments of money if call center employees agreed to unlock phones so they could be sold and used outside AT&T’s network.

To receive their bribes, Fahd told AT&T employees “to create shell companies and open business banking accounts in the names of the shell companies,” per the court docs.

Fahd recouped the cost of the bribes by selling phone unlocking services through the now-defunct SwiftUnlocks.com website (archived).

But the scheme lasted only a few months, until April 2013, when AT&T implemented a new phone unlocking procedure and the call center employees Fahd had bribed either left or were fired by AT&T.

At this point, the US Department of Justice said, Fahd sought to get around AT&T’s new systems and hired a developer to write a piece of malware.

Fahd then bribed another employee to install the malware inside AT&T’s Bothell call center.

An initial version of the malware worked as a basic keylogger, collecting information from inside the network, including network layout and employee credentials.

A second version was more sophisticated and deployed at a later stage, acting as a remote access tool and allowing Fahd easy access to AT&T’s internal applications.

The mobile operator caught that something was wrong when engineers detected a large number of phone unlock operations from its Bothell call center.

A 2015 internal investigation ended up with AT&T firing and suing former employees on accusations of installing malware on its network, with the company unearthing the connection between the fired employees and the SwiftUnlocks website.

AT&T’s forensic analysis shows the total number of cellular telephones fraudulently unlocked by members of the scheme was 1,900,033 phones. AT&T has further determined that the loss it suffered because customers, whose cellular phones were illegally unlocked, failed to complete payments for their cellular telephones was $201,497,430.94.

US Department of Justice

AT&T also filed a separate complaint with the FBI, which conducted its own parallel investigation and eventually tracked the entire scheme to Fahd and his co-conspirator, Ghulam Jiwani.

US officials filed charges against the two in 2017. Fahd was arrested in Hong Kong in 2018 and extradited to the US in August 2019. He pleaded guilty in September 2020.

The post Man who bribed AT&T employees to install malware on the company’s network gets 12 years in prison appeared first on The Record by Recorded Future.
