Joomla Templates and Joomla Extensions by JoomlaVision.Com

Telecom Review North America

Latest Issue

Telecom Review's Interview with Marc Halbfinger, CEO of PCCW Global

Telecom Review Summit 2017

Jeff Seal Interviews Zayo President Mike Strople

Telecom Review's Jeff Seal Moderates Submarine Fiber Optic Gathering

Socialize with us

AT&T Employees: Shame, Shame, Shame PDF Print E-mail
Wednesday, 14 August 2019 09:05

AT&T employees took bribes to unlock millions of smartphones, and to install malware and unauthorized hardware on the company's network, the Department of Justice said yesterday.

These details come from a DOJ case opened against Muhammad Fahd, a 34-year-old man from Pakistan, and his co-conspirator, Ghulam Jiwani, believed to be deceased.

The DOJ charged the two with paying more than $1 million in bribes to several AT&T employees at the company's Mobility Customer Care call center in Bothell, Washington. Incessantly annoying and fraudulent robocalls.

Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million-dollar cyberheists.

If you are somehow under the impression that you — the customer — are in control over the security, privacy and integrity of your mobile phone service, think again. And you’d be forgiven if you assumed the major wireless carriers or federal regulators had their hands firmly on the wheel.

The bribery scheme lasted from at least April 2012 until September 2017. Initially, the two Pakistani men bribed AT&T employees to unlock expensive iPhones so they could be used outside AT&T's network.

The two recruited AT&T employees by approaching them in private via telephone or Facebook messages. Employees who agreed, received lists of IMEI phone codes which they had to unlock for sums of money.

Employees would then receive bribes in their bank accounts, in shell companies they created, or as cash, from the two Pakistani men.

This initial stage of the scheme lasted for about a year, until April 2013, when several employees left or were fired by AT&T.

Comprehensive data science platform for your Windows or Mac machine: Prepare, blend, explore, and model your data within minutes without coding, on your desktop Unlimited modeling without overages Includes popular data science tools - Python...

That's when Fahd changed tactics and bribed AT&T employees to install malware on AT&T's network at the Bothell call center. Between April and October 2013, this initial malware collected data on how AT&T infrastructure worked.

According to court documents unsealed yesterday, this malware appears to be a keylogger, having the ability "to gather confidential and proprietary information regarding the structure and functioning of AT&T's internal protected computers and applications.

The DOJ said Fahd and his co-conspirator then created a second malware strain that leveraged the information acquired through the first. This second malware used AT&T employee credentials to perform automated actions on AT&T's internal application to unlock phone's at Fahd's behest, without needing to interact with AT&T employees every time.

In November 2014, as Fahd began having problems controlling this malware, the DOJ said he also bribed AT&T employees to install rogue wireless access points inside AT&T's Bothell call center. These devices helped Fahd with gaining access to AT&T internal apps and network, and continue the rogue phone unlocking scheme.

The DOJ claims Fahd and Jiwani paid more than $1 million in bribes to AT&T employees, and successfully unlocked more than two million devices, most of which were expensive iPhones. One AT&T employee received more than $428,500 in bribes over a five-year period, investigators said.

The DOJ said the two operated three companies named Endless Trading FZE, Endless Connections Inc., and iDevelopment. The DOJ didn't say if Fahd and Jiwani were unlocking stolen devices, or running an unauthorized phone unlocking website. For some email communications, Fahd used the [email protected] address, suggesting the latter scenario.

Fahd was arrested in Hong Kong in February 2018, and extradited to the US on August 2, last week. He now faces a litany of charges that may send him behind bars for up to 20 years.

AT&T estimated it lost revenue of more than $5 million/year from Fahd's phone unlocking scheme.

"We have been working closely with law enforcement since this scheme was uncovered to bring these criminals to justice and are pleased with these developments," an AT&T spokesperson told ZDNet. The company said this incident did not involve access to customers' personal data.