Over 2 Million AT&T Phones illegally unlocked


AT&T insiders, who took the bribes of hundreds of thousands of dollars to plant non-approved tools and devices in the Company’s internal network, illegally unlocked millions of mobile telephones.

Muhrmad Fahd, 34, of Pakistan, recruited young staff from AT&T at the customer service center in Bothell for five years between 2012 and 2017 to remove protection from unlocking phones.

The proprietary locking software prevents the use of devices on other networks, making them compatible with mobile carriers worldwide.

For cell phones that have been locked to AT&T, Fahd provides the international IMEI (international mobile equipment identity) numbers, and corrupt employees disable protection.

According to the Ministry of Justice, mobile carriers lost millions of devices that were removed from their payment or service plans.

One of the co-conspirators was presumably awarded $428,500 by a five-year illegal deal.

Some of the insiders who helped Fahd were stopped by the company but others remained and helped him to unblock services illegally or to enable them outside the network.

Malware planted inside AT & T Computer

From April 2013 on the AT&T computer, the fraudster paid the customer malware at the customer service facility.

The malicious software helped Fahd gather sufficient information to develop additional malware to “process fraudulent and unauthorized requests for unlock” from remote servers.

Fahd and other members of the conspiracy bribed AT&T employees from November 2014 to plant hardware devices on their internal network from November until September 2017, including wireless connections to the corporate computers provided by fraudsters.

This violation was used to automate “process of submitting fraudulent and unauthorized unlock requests,” reads the indictment document.


In all, Mr Fahd, together with his partner Ghulam Jiwani (deceased according to the DoJ), paid more than $1 million to AT&T employees.

Three of those who co-conspired declared themselves guilty and acknowledged their role and bribes of thousands of US dollars.

Fahd was arrested in Hong Kong on 4 February 2018 and extradited to the United States on 2 August 2019 for crimes that might put him in prison for a maximum of 20 years.

Muhammad Fahd charges:

  • conspiracy to commit wire fraud
  • conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act (CAAA)
  • four counts of wire fraud
  • two counts of accessing a protected computer in furtherance of fraud
  • two counts of intentional damage to a protected computer
  • four counts of violating the Travel Act.
Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.