A 34-year-old citizen of Pakistan, who is alleged to have paid insiders at telecommunications giant AT&T to plant malware and otherwise misuse computer networks to unlock cellphones, was charged in a 14-count federal indictment unsealed yesterday following his extradition from Hong Kong to the Western District of Washington.
Muhammad Fahd was arrested in Hong Kong on Feb. 4, 2018, at the request of the United States, and was extradited to the United States on Aug. 2, 2019. The second superseding indictment, filed in March 2018, alleges how Fahd recruited and paid AT&T insiders to use their computer credentials and access to disable AT&T’s proprietary locking software that prevented ineligible phones from being removed from AT&T’s network. The scheme resulted in millions of phones being removed from AT&T service and/or payment plans, costing the company millions of dollars. Fahd allegedly paid the insiders tens of thousands of dollars – paying one coconspirator $428,500 over the five-year scheme.
Muhammad Fahd is charged with conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act.
“This arrest illustrates what can be achieved when the victim of a cyber attack partners quickly and closely with law enforcement,” said Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division. “When companies that fall prey to malware work with the Department of Justice, no cybercriminal—no matter how sophisticated their scheme—is beyond our reach.”
“This defendant thought he could safely run his bribery and hacking scheme from overseas, making millions of dollars while he induced young workers to choose greed over ethical conduct,” said U.S. Attorney Brian T. Moran for the Western District of Washington. “Now he will be held accountable for the fraud and the lives he has derailed.”
According to the indictment, between 2012 and 2017, Fahd recruited various AT&T employees to the conspiracy. Some early recruits were paid to identify other employees who could be bribed and convinced to join the scheme. So far, three of those coconspirators have pleaded guilty, admitting they were paid thousands of dollars for facilitating Fahd’s fraudulent scheme.
Initially, Fahd allegedly would send the employees batches of international mobile equipment identity (IMEI) numbers for cell phones that were not eligible to be removed from AT&T’s network. The employees would then unlock the phones. After some of the co-conspirators were terminated by AT&T, the remaining co-conspirator employees aided Fahd in developing and installing additional tools that would allow Fahd to use the AT&T computers to unlock cell phones from a remote location. Fahd and a second co-conspirator, who is now deceased, allegedly delivered bribes to the AT&T employees both in person and via payment systems such as Western Union.
The charges contained in the indictment are only allegations. A person is presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
The case is being investigated by the U.S. Secret Service Electronic Crimes Task Force.
The case is being prosecuted by Senior Counsel Anthony V. Teelucksingh of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorneys Francis Franze-Nakamura, Andrew Friedman and Michelle Jensen of the Western District of Washington. The Criminal Division’s Office of International Affairs was instrumental in the successful extradition. The U.S. Marshals Service transported Fahd to the United States.