A 34-year-old citizen of Pakistan, who allegedly paid insiders at telecommunications giant AT&T to plant malware and otherwise misuse computer networks to unlock cellphones, made an initial appearance today on a 14-count federal indictment, announced U.S. Attorney Brian T. Moran. MUHAMMAD FAHD was arrested in Hong Kong on February 4, 2018, at the request of the United States, and was extradited to the U.S. on Friday August 2, 2019. The second superseding indictment, filed in March 2018, describes how FAHD recruited and paid AT&T insiders to use their computer credentials and access to disable AT&T’s proprietary locking software that prevented ineligible phones from being removed from AT&T’s network. The scheme resulted in millions of phones being removed from AT&T service and/or payment plans, costing the company millions of dollars. FAHD allegedly paid the insiders hundreds of thousands of dollars – paying one coconspirator $428,500 over the five-year scheme.
MUHAMMAD FAHD is charged with conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act.
“This defendant thought he could safely run his bribery and hacking scheme from overseas, making millions of dollars while he induced young workers to choose greed over ethical conduct,” said U.S. Attorney Brian T. Moran. “Now he will be held accountable for the fraud and the lives he has derailed.”
"This arrest illustrates what can be achieved when the victim of a cyber attack partners quickly and closely with law enforcement,” said Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division. “When companies that fall prey to malware work with the Department of Justice, no cybercriminal—no matter how sophisticated their scheme—is beyond our reach.”
According to the indictment, between 2012 and 2017, FAHD recruited various AT&T employees to the conspiracy. Some early recruits were paid to identify other employees who could be bribed and convinced to join the scheme. So far, three of those coconspirators have pleaded guilty admitting they were paid thousands of dollars for facilitating FAHD’s fraudulent scheme.
Initially, FAHD allegedly would send the employees batches of international mobile equipment identity (IMEI) numbers for cell phones that were not eligible to be removed from AT&T’s network. The employees would then unlock the phones. After some of the co-conspirators were terminated by AT&T, the remaining co-conspirator employees aided FAHD in developing and installing additional tools that would allow FAHD to use the AT&T computers to unlock cell phones from a remote location. FAHD and a second co-conspirator, who is now deceased, allegedly delivered bribes to the AT&T employees both in person and via payment systems such as Western Union.
The crimes charged are punishable by up to 20 years in prison. If convicted, the ultimate sentence will be determined by the court based on the advisory Sentencing Guidelines and other statutory factors.
The charges contained in the indictment are only allegations. A person is presumed innocent unless and until he or she is proven guilty beyond a reasonable doubt in a court of law.
The case is being investigated by the U.S. Secret Service Electronic Crimes Task Force.
The case is being prosecuted by Assistant United States Attorneys Francis Franze-Nakamura, Andrew Friedman, Michelle Jensen and Senior Counsel Anthony V. Teelucksingh of DOJ’s Computer Crime and Intellectual Property Section. DOJ’s Office of International Affairs was instrumental in the successful extradition. The U.S. Marshals Service transported FAHD to the United States.