AT&T Insiders Bribed With Over $1 Million To Unlock 2 Million Phones and Hack Their Employer, DOJ Claims


Thomas Brewster
Forbes Staff Cybersecurity I cover crime, privacy and security in digital and physical forms.

AT&T logo seen displayed on a smart phone
AT&T was hacked by its own employees, who were bribed by a 34-year-old fraudster from Pakistan, according to DOJ charges. (Photo Illustration by Igor Golovniov/SOPA Images/LightRocket via Getty Images) LIGHT ROCKET VIA GETTY IMAGES

A 34-year-old from Pakistan has been extradited from Hong Kong to the U.S., over allegations he bribed AT&T employees over five years to unlock more than 2 million phones. He was also accused of hacking into AT&T computers. It cost AT&T millions, whilst the insiders were paid more than $1 million in bribes, according to an indictmentunsealed Monday.

Muhammad Fahd and his co-conspirator Ghulam Jiwani were accused of paying as much as $420,000 to individual AT&T staff at a call center in Boswell, Washington, asking them to unlock phones tied to the AT&T network. At the same time, U.S. prosecutors claimed Fahd was helping people who were paying to unlock and escape AT&T; in some contracts where cellphone cost has been reduced, AT&T requires customers remain on its network. Fahd would simply get a phone’s IMEI number from a willing buyer and then ask the AT&T insiders to unlock their device.

Bribed to hack?

But Muhammad’s alleged fraud went further, the Department of Justice said, as he asked employees to install malware on AT&T computers so that he could study how the telecoms giant’s internal processes worked. He then created malware that used AT&T employees passwords to get access to different computers so that he could do the unlocking himself, according to the indictment. Though AT&T investigators uncovered the unlocking malware in 2013 and the responsible insiders had departed, Fahd simply recruited others, the DOJ said.

Fahd also paid AT&T employees to install snooping hardware, malicious routers and rogue Wi-Fi access points in the building that again allowed for further access to supposedly protected computers, prosecutors claimed.

The defendant, whose legal counsel had not responded to a request for comment at the time of publication, was using a number of front companies as he approached AT&T employees in Boswell, according to the DOJ. He’d call or Facebook message them and when he’d convinced them to become part of the scheme, he’d tell them to open their own shell businesses so they could receive payment, according to the charges.