AT&T workers bribed to infect firm's gear with malware, unlock phones, DOJ alleges
The US Department of Justice alleges that a scheme to unlock phones on the company's network robbed AT&T of millions of dollars.
- I've been covering technology and mobile for 12 years, first as a telecommunications reporter and assistant editor at ZDNet in Australia, then as CNET's West Coast head of breaking news, and now in the Thought Leadership team.
iPhones were allegedly unlocked from the AT&T network through the plot.
Millions of AT&T phones were illegally unlocked thanks to bribes taken by company employees to infect the carrier's mobile network with malware that gathered info on proprietary protections, the US Department of Justice alleges. Unauthorized hardware is also alleged to have been used, court documents unsealed Monday showed.
According to CNET sister site ZDNet, a case was opened against Muhammad Fahd, a 34-year-old man from Pakistan, and Ghulam Jiwani, who's believed to be deceased. Fahd was arrested in Hong Kong in February and was extradited to the US over the weekend.
"Fahd recruited and paid AT&T insiders to use their computer credentials and access to disable AT&T's proprietary locking software that prevented ineligible phones from being removed from AT&T's network," the Justice Department alleges. "The scheme resulted in millions of phones being removed from AT&T service and/or payment plans, costing the company millions of dollars."
The DOJ alleges that employees at the Bothell, Washington, call center were bribed between April 2012 and September 2017. At first, they were allegedly bribed to unlock Apple iPhones to be used on other networks. They were contacted through Facebook messages or by phone calls and given lists of IMEI phone codes, and they then unlocked those phones for money, the DOJ alleges. Later, they allegedly installed malware on AT&T's network to gather information on proprietary device protections, and still later, malware was installed that automated the unlocking process.
Other employees were allegedly bribed to supply the names of workers who'd take part in the scheme. Three co-conspirators have pleaded guilty so far, admitting to receiving thousands of dollars in bribes.
One employee was allegedly bribed with more than $428,500 during the five-year period, with AT&T estimating a loss of revenue of over $5 million per year, ZDNet reported.
AT&T told CNET its network was unaffected by the malware and the plot didn't involve improper access to any customer information.
"We have been working closely with law enforcement since this scheme was uncovered to bring these criminals to justice and are pleased with these developments," an AT&T spokesperson said in an emailed statement.
Originally published Aug. 6, 12:03 p.m. PT.
Update, 12:42 p.m.: Adds statement from AT&T.
