Overall Loss to AT&T Estimated at more than $200 Million
September 16, 2021 - Muhammad Fahd, a citizen of Pakistan and Grenada, was sentenced today to 12 years in prison for his leadership role in a seven-year scheme to unlawfully unlock nearly 2 million phones to defraud AT&T Inc. (AT&T), inflicting more than $200 million in losses. At the sentencing hearing U.S. District Judge Robert S. Lasnik noted that Fahd had committed a “terrible cybercrime over an extended period,” even after he was aware that law enforcement was investigating.
Beginning in 2012, Fahd, 35, conspired with others to recruit AT&T employees at a call center located in Bothell, Washington, to unlock large numbers of cellular phones for profit. Fahd recruited and bribed AT&T employees to use their AT&T credentials to unlock phones for ineligible customers. Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan. In September 2020, he pleaded guilty to conspiracy to commit wire fraud.
Cellular phones such as iPhones cost hundreds of dollars. To make the phones more affordable, during the relevant time, AT&T subsidized the purchase cost of phones or sold phones to customers under installment plans. Unlocking a phone effectively removes it from AT&T’s network, thereby allowing the account holder to avoid having to pay AT&T for service or to make any payments for purchase of the phone.
According to records filed in the case, in approximately June or July of 2012, using the alias “Frank Zhang,” Fahd contacted an AT&T employee through Facebook. Fahd offered the employee significant sums of money if the employee would help Fahd secretly unlock phones at AT&T. Fahd also asked the employee to recruit other AT&T employees to help with the unauthorized unlocks.
Fahd instructed the recruited employees to set up fake businesses, and bank accounts for those businesses, to receive payments, and to create fictitious invoices for every deposit made into the fake businesses’ bank accounts to create the appearance that the money was payment for genuine services.
In the spring of 2013, AT&T implemented a new unlocking system that made it more difficult for the bribed employees to unlock IMEIs for Fahd. In response, Fahd hired a software developer to design malware that could be installed without authorization on AT&T’s computer system to unlock phones more efficiently and in larger numbers. At Fahd’s request, the employees provided confidential information to Fahd about AT&T’s computer system and unlocking procedures to assist in this process. Fahd also had the employees install malware on AT&T’s computers that captured information about AT&T’s computer system and the network access credentials of other AT&T employees. Fahd provided the information to his malware developer, so the developer could tailor the malware to work on AT&T’s computers.
AT&T’s forensic analysis shows the total number of cellular telephones fraudulently unlocked by members of the scheme was 1,900,033 phones. AT&T has further determined that the loss it suffered because customers, whose cellular phones were illegally unlocked, failed to complete payments for their cellular telephones was $201,497,430.94.
Judge Lasnik ordered restitution of $200,620,698. (The difference between this amount and the total loss reflects restitution ordered against bribed AT&T employees in related prosecutions.)
Fahd was indicted in 2017 and arrested in Hong Kong in 2018. He was extradited and appeared in U.S. District Court in Seattle in August 2019. He pleaded guilty to conspiracy to commit wire fraud in September 2020.
This case is the result of an investigation conducted by the Seattle field office of the U.S. Secret Service, IRS-CI and the U.S. Department of Justice. The Justice Department’s Office of International Affairs provided significant assistance.
This case was prosecuted by Assistant U.S. Attorneys Andrew Friedman and Francis Franze-Nakamura of the Western District of Washington, and Senior Counsel Anthony Teelucksingh of the Criminal Division’s Computer Crime and Intellectual Property Section.
Source: DOJ Release