image
The ringleader of a seven-year phone-unlocking and malware scheme will head to the clink for 12 years, according to the Department of Justice, after effectively compromising AT&T’s internal networks to install credential-thieving malware. The perp, one Muhammad Fahd of Pakistan and Grenada, was convicted of grooming AT&T employees at a Bothell, Wash. call center to take part in the scam. He and his now-deceased co-conspirator bribed employees to first use their AT&T credentials to sever phones from the AT&T network for customers who were still under contract — meaning those customers could take their newly independent phones to another service. And then later, Fahd asked his accomplices in the call center to install custom malware and “hacking tools that allowed him to unlock phones remotely from Pakistan,” according to court documents. In all, the 35-year-old Fahd effectively defrauded AT&T out of more than $200 million in lost subscription fees after divorcing nearly 2 million mobile phones from the carrier, the DoJ explained. “Unlocking a phone effectively removes it from AT&T’s network, thereby allowing the account holder to avoid having to pay AT&T for service or to make any payments for purchase of the phone,” it said. Recruiting Insider Threats It all started in the summer of 2012, when Fahd targeted an AT&T employee through Facebook using the alias “Frank Zhang,” He offered the employee “significant sums of money” in return for taking part in his scheme, and asked…

Source