Muhammad Fahd, a citizen of Pakistan and Grenada, was sentenced today to 12 years in prison for his leadership role in a seven-year scheme to unlawfully unlock nearly 2 million phones to defraud AT&T Inc. (AT&T), inflicting more than $200 million in losses. At the sentencing hearing U.S. District Judge Robert S. Lasnik for the Western District of Washington noted that Fahd had committed a “terrible cybercrime over an extended period,” even after he was aware that law enforcement was investigating.
Cellular phones such as iPhones cost hundreds of dollars. To make the phones more affordable, during the relevant time, AT&T subsidized the purchase cost of phones or sold phones to customers under installment plans. Unlocking a phone effectively removes it from AT&T’s network, thereby allowing the account holder to avoid having to pay AT&T for service or to make any payments for purchase of the phone.
Beginning in 2012, Fahd, 35, conspired with others to recruit AT&T employees at a call center located in Bothell, Washington, to unlock large numbers of cellular phones for profit. Fahd recruited and bribed AT&T employees to use their AT&T credentials to unlock phones for ineligible customers. Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan. In September 2020, he pleaded guilty to conspiracy to commit wire fraud.
According to records filed in the case, in approximately June or July of 2012, using the alias “Frank Zhang,” Fahd contacted an AT&T employee through Facebook. Fahd offered the employee significant sums of money if the employee would help Fahd secretly unlock phones at AT&T. Fahd also asked the employee to recruit other AT&T employees to help with the unauthorized unlocks.
In the spring of 2013, AT&T implemented a new unlocking system that made it more difficult for the bribed employees to unlock IMEIs for Fahd. In response, Fahd hired a software developer to design malware that could be installed without authorization on AT&T’s computer system to unlock phones more efficiently and in larger numbers. At Fahd’s request, the employees provided confidential information to Fahd about AT&T’s computer system and unlocking procedures to assist in this process. Fahd also had the employees install malware on AT&T’s computers that captured information about AT&T’s computer system and the network access credentials of other AT&T employees. Fahd provided the information to his malware developer, so the developer could tailor the malware to work on AT&T’s computers.
Fahd instructed the recruited employees to set up fake businesses and bank accounts for those businesses, to receive payments and to create fictitious invoices for every deposit made into the fake businesses’ bank accounts to create the appearance that the money was payment for genuine services.
AT&T’s forensic analysis shows the total number of cellular telephones fraudulently unlocked by members of the scheme was 1,900,033 phones. AT&T has further determined that the loss it suffered because customers, whose cellular phones were illegally unlocked, failed to complete payments for their cellular telephones was $201,497,430.94.
- For a long-lasting phone unlocking scheme that defrauded AT&T, a scammer was sentenced to prison
- Check all news and articles from the latest Security news updates.