AT&T workers bribed to infect firm's gear with malware, unlock phones, DOJ alleges

The US Department of Justice alleges that a scheme to unlock phones on the company's network robbed AT&T of millions of dollars.

Corinne Reichert Senior Editor
Corinne Reichert (she/her) grew up in Sydney, Australia and moved to California in 2019. She holds degrees in law and communications, and currently writes news, analysis and features for CNET across the topics of electric vehicles, broadband networks, mobile devices, big tech, artificial intelligence, home technology and entertainment. In her spare time, she watches soccer games and F1 races, and goes to Disneyland as often as possible.
Expertise News | Mobile | Broadband | 5G | Home tech | Streaming services | Entertainment | AI | Policy | Business | Politics Credentials
  • I've been covering technology and mobile for 12 years, first as a telecommunications reporter and assistant editor at ZDNet in Australia, then as CNET's West Coast head of breaking news, and now in the Thought Leadership team.
Corinne Reichert
2 min read

iPhones were allegedly unlocked from the AT&T network through the plot.

César Salza/CNET

Millions of AT&T  phones were illegally unlocked thanks to bribes taken by company employees to infect the carrier's mobile network with malware  that gathered info on proprietary protections, the US Department of Justice alleges. Unauthorized hardware is also alleged to have been used, court documents unsealed Monday showed.

According to CNET sister site ZDNet, a case was opened against Muhammad Fahd, a 34-year-old man from Pakistan, and Ghulam Jiwani, who's believed to be deceased. Fahd was arrested in Hong Kong in February and was extradited to the US over the weekend.

"Fahd recruited and paid AT&T insiders to use their computer credentials and access to disable AT&T's proprietary locking software that prevented ineligible phones from being removed from AT&T's network," the Justice Department alleges. "The scheme resulted in millions of phones being removed from AT&T service and/or payment plans, costing the company millions of dollars."

The DOJ alleges that employees at the Bothell, Washington, call center were bribed between April 2012 and September 2017. At first, they were allegedly bribed to unlock Apple iPhones to be used on other networks. They were contacted through Facebook messages or by phone calls and given lists of IMEI phone codes, and they then unlocked those phones for money, the DOJ alleges. Later, they allegedly installed malware on AT&T's network to gather information on proprietary device protections, and still later, malware was installed that automated the unlocking process.

Other employees were allegedly bribed to supply the names of workers who'd take part in the scheme. Three co-conspirators have pleaded guilty so far, admitting to receiving thousands of dollars in bribes.

One employee was allegedly bribed with more than $428,500 during the five-year period, with AT&T estimating a loss of revenue of over $5 million per year, ZDNet reported.

AT&T told CNET its network was unaffected by the malware and the plot didn't involve improper access to any customer information.

"We have been working closely with law enforcement since this scheme was uncovered to bring these criminals to justice and are pleased with these developments," an AT&T spokesperson said in an emailed statement.

Originally published Aug. 6, 12:03 p.m. PT.
Update, 12:42 p.m.: Adds statement from AT&T.

From Apple to Samsung: 5G phones available right now

See all photos