A U.S. district court has sentenced a man who unlocked 1.9 million phones to 12 years in prison. According to the Justice Department, Muhammad Fahd defrauded the business even after learning of an investigation against him. At Fahd’s sentencing hearing, Judge Robert S. Lasnik said he had committed a “horrific cybercrime over a long period of time”, and AT&T lost $ 201.5 million as a result.
In 2012, Fahd contacted an AT&T employee through Facebook and bribed them to help him unlock customers’ phones with ‘significant amounts’. Fahd, a citizen of Pakistan and Grenada, encouraged the employee to also recruit staff at a call center in Bothell, Washington.
The DOJ says the employees unlocked phones for ‘incompetent customers’, who paid Fahd a fee. In the spring of 2013, AT&T introduced a system that makes it harder for employees to unlock IMEIs. Fahd then hired an engineer to build malware that would be installed on AT & T’s systems to help him unlock phones more efficiently and remotely. The DOJ says the employees gave Fahd details about the company’s systems and unlocking methods to advance the process. The malware is said to have obtained information about the system and other AT & T employees’ credentials. The developer used these details to change the malware.
AT&T claims Fahd and his associates unlocked just over 1.9 million phones through the scheme. The company says because of the unlockings, customers did not complete payments on their devices, resulting in the nine-digit loss.
Fahd was arrested in Hong Kong in 2018 after a 2017 charge. He was extradited to the US and pleaded guilty in September 2020 to conspiracy to commit wire fraud.
All products recommended by Engadget are selected by our editorial staff, independent of our parent company. Some of our stories contain affiliate links. If you buy something through one of these links, we can earn an affiliate commission.