20 September 2021

Pakistani man sentenced to 12 years in prison for unlocking nearly 2M AT&T phones


Pakistani man sentenced to 12 years in prison for unlocking nearly 2M AT&T phones

A Pakistani man was sentenced to 12 years in prison for his role in a seven-year scheme that involved fraudulent unlocking of over 1.9 million of AT&T phones due to which AT&T, the world's largest telecommunications company suffered more than $200 million losses.

In 2012, Muhammad Fahd, a citizen of Pakistan and Grenada, contacted an AT&T employee through Facebook and bribed them with “significant sums of money” to help him secretly unlock phones at AT&T and to recruit other AT&T employees to help with the unauthorized unlocks. The employees unlocked phones for "ineligible customers," who paid Fahd a fee.

The bribed employees also installed custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan, according to the US Department of Justice.

In the spring of 2013, AT&T implemented a system that made it harder to unlock IMEIs. Fahd then hired a software developer to create malware that could be installed without authorization on AT&T’s computer system to unlock phones more efficiently.

According to the DoJ, AT&T employees provided confidential information to Fahd about AT&T’s computer system and unlocking procedures. The employees also installed malware on AT&T’s computers that gathered info about AT&T’s computer system and the network access credentials of other AT&T employees.

AT&T said because of the unlocks, customers didn't complete payments on their devices, resulting in $201,497,430.94 of losses.

Fahd was indicted in 2017 and arrested in Hong Kong in 2018. He was extradited and appeared in U.S. District Court in Seattle in August 2019. He pleaded guilty to conspiracy to commit wire fraud in September 2020.


Back to the list

Latest Posts

LightBasin hackers compromised 13 global telecoms in just two years

LightBasin hackers compromised 13 global telecoms in just two years

LightBasin is active since at least 2016 and is focused on Linux and Solaris servers, only interacting with Windows systems as needed.
20 October 2021
Suspected Chinese hackers reportedly hit 9 Israeli hospitals

Suspected Chinese hackers reportedly hit 9 Israeli hospitals

Attempted attacks come days after a massive ransomware attack on Hillel Yaffe Medical Center, attributed to the DeepBlueMagic group.
19 October 2021
State-sponsored hackers target orgs in South Asia with custom backdoor

State-sponsored hackers target orgs in South Asia with custom backdoor

Harvester has been observed using both custom malware and publicly available tools, such as Cobalt Strike Beacon and Metasploit, in their attacks.
19 October 2021