Pakistan resident sentenced to prison for long-running phone unlocking scheme to defraud AT&T
Overall loss to AT&T estimated at more than $200 million
Seattle –A resident of Pakistan was sentenced today in the Western District of Washington to 12 years in prison for his leadership role in a seven-year scheme to unlawfully unlock phones to defraud AT&T Inc. (AT&T). At the sentencing hearing U.S. District Judge Robert S. Lasnik noted that Fahd had committed a “terrible cybercrime over an extended period,” even after he was aware that law enforcement was investigating.
Beginning in 2012, Muhammad Fahd, 35, conspired with others to recruit AT&T employees at a call center located in Bothell, Washington, to unlock large numbers of cellular phones for profit. Fahd recruited and bribed AT&T employees to use their AT&T credentials to unlock phones for ineligible customers. Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan. In September 2020, he pleaded guilty to conspiracy to commit wire fraud.
“This defendant is a modern-day cybercriminal who combined his technological expertise with old-school techniques such as bribery, intimidation, and exploitation to run a criminal organization causing $200 million in losses,” said Acting U.S. Attorney Tessa M. Gorman. “And the damage was not just financial. Sadly, he persuaded and pressured young people into engaging in criminal conduct, spreading the damage of his greedy scheme to others.”
Cellular phones such as iPhones cost hundreds of dollars. To make the phones more affordable, during the relevant time, AT&T subsidized the purchase cost of phones or sold phones to customers under installment plans. Unlocking a phone effectively removes it from AT&T’s network, thereby allowing the account holder to avoid having to pay AT&T for service or to make any payments for purchase of the phone.
According to records filed in the case, in approximately June or July of 2012, using the alias “Frank Zhang,” Fahd contacted an AT & T employee through Facebook. Fahd offered the employee significant sums of money if the employee would help Fahd secretly unlock phones at AT&T. Fahd also asked the employee to recruit other AT&T employees to help with the unauthorized unlocks. Fahd needed additional AT&T employees to join the scheme, because Fahd wanted someone to be always available to expand his ability to do unauthorized unlocks.
Fahd also instructed the recruited employees to set up fake businesses, and bank accounts for those businesses, to receive payments, and to create fictitious invoices for every deposit made into the fake businesses’ bank accounts to create the appearance that the money was payment for genuine services.
In the spring of 2013, AT&T implemented a new unlocking system that made it more difficult for the bribed employees to unlock IMEIs for Fahd. In response, Fahd hired a software developer to design malware that could be installed without authorization on AT&T’s computer system to unlock phones more efficiently and in larger numbers. At Fahd’s request, the employees provided confidential information to Fahd about AT&T’s computer system and unlocking procedures to assist in this process. Fahd also had the employees install malware on AT&T’s computers that captured information about AT&T’s computer system and the network access credentials of other AT&T employees. Fahd provided the information to his malware developer, so the developer could tailor the malware to work on AT&T’s computers.
AT&T’s forensic analysis shows the total number of cellular telephones fraudulently unlocked by members of the scheme was 1,900,033 phones. AT&T has further determined that the loss it suffered because customers, whose cellular phones were illegally unlocked, failed to complete payments for their cellular telephones was $201,497,430.94.
Judge Lasnik ordered restitution of $200,620,698. (The difference between this amount and the total loss reflects restitution ordered against bribed AT&T employees in related prosecutions.)
Fahd was indicted in 2017, and arrested in Hong Kong in 2018. He was extradited and appeared in U.S. District Court in Seattle in August 2019. He pleaded guilty to conspiracy to commit wire fraud in September 2020.
This case is the result of an investigation conducted by the Seattle field office of the United States Secret Service, IRS-CI, and the U.S. Department of Justice. The Justice Department’s Office of International Affairs provided significant assistance.
This case was prosecuted by Assistant U.S. Attorneys Andrew Friedman and Francis Franze-Nakamura of the Western District of Washington, and Senior Counsel Anthony Teelucksingh of the Criminal Division’s Computer Crime and Intellectual Property Section.