A 34-year old Pakistani man has been found to have given up to $1 million in bribes to AT&T employees to fraudulently unlock over 2 million phones, according to an indictment from the Department of Justice (DOJ) released on Monday.
The man was extradited from Hong Kong to the US in Friday for cyber crimes committed over a period of 5 years, from 2012 - 2017.
Muhammad Fahd and his co-conspirator Ghulam Jiwani have been accused of paying up $420,000 individually to AT&T staff at a call centre in Boswell, Washington.
Jiwani's role in the conspiracy was gathering the IMEI numbers and paying the bribes, but he died prior to being extradited to the US, according to the DOJ.
US prosecutors claim that they asked workers to unlock phones which were tied to the AT&T network, while simultaneously helping people who were locked to AT&T's network before they had paid off their contracts or devices.
Fahd would use the IMEI number on the phone and request the AT&T collaborators to unlock their device from the inside.
His cyber-crimes also extended beyond phones to computers. He asked willing AT&T employees to install a malware on computers at the company, through which he would then unlock the phones himself.
When AT&T discovered the malware, Fahd's insiders had already left the company. He later recruited other employees to aid in his alleged schemes, according to the DOJ.
Rahd used front companies to get into contact with AT&T employees in Boswell.
He would simply call or send a Facebook message directly, once he had convinced them, he would instruct them to open a shell business through which they could receive payment, according to the charges made against the defendant.
US attorney Brian Moran said: “This defendant thought he could safely run his bribery and hacking scheme from overseas, making millions of dollars while he induced young workers to choose greed over ethical conduct.”
“Now he will be held accountable for the fraud and the lives he has derailed.”
The charges against Fahd are: conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act.
Former AT&T employees have also pleaded guilty to their involvement.
Kyra Evans, DeVaughn Woods, and Marc Sapatin all agreed to pay fines to AT&T and may also serve prison time.
They are all expected to testify against Fahd, according to a court document.
The DOJ has alleged that "between 2012 and 2017, Fahd recruited various AT&T employees to the conspiracy," meaning that there are potentially scores of former and current AT&T employees who were involved.
The sentencing hearings are set to take place on 1 November.