Saturday, April 13, 2024

Paid Insiders Upload a Malware in AT&T Network and Unlocks Over 2 Million AT&T Phones

A recruiter from AT&T charged in a 14-count, U.S to have a paid insiders to planting malware on telecommunications giant AT&T Network for committing unauthorized access and computer networks to unlock cellphones.

Muhammad Fahd, 34, was arrested in Hong Kong on Feb. 4, 2018, and extradited to the United States for the indictment that alleges how Fahd recruited several paid insiders and granted permission to use computer credentials.

These sensitive credentials granted access to disable AT&T’s proprietary locking software that prevents ineligible phones from being removed from AT&T’s network.

This software feature was misused by insiders and resulted in millions of phones being removed from AT&T service and payment plans that lead to company loss million of dollars.

Paid Insiders were worked in AT&T’s Bothell Customer Service Center to Plant Malware, and Illegally unlock Cell Phones by planting malware.

According to DOJ, Muhammad Fahd is charged with conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act.

Muhammad and his co-conspirators spend more than $1 million in bribes over five years to install malware and spying devices.

A Phone that purchased by customer under interest-free installment plan from AT&T needs to agree to enter a service contract which prevents users to use only AT&T wireless network.

AT&T used proprietary software that prevents users to access any other networks other than AT&T networks, in case, the phone will be “unlocked” the customers will be allowed to use any network rather than AT&T.

If the phone is fraudulently unlocked without AT&T authorization, customers switched to other services and allowing them from being easily sold.

Fahd and those who worked with him are accused of recruiting AT&T employees to help unlock phones from the inside, paying one worker as much as $428,500 over five years.

Department of Justice indictment unsealed, Fahd allegedly would send the employees batches of international mobile equipment identity (IMEI) numbers for cell phones that were not eligible to be removed from AT&T’s network. The employees would then unlock the phones. 

Even if some of the paid insiders will be terminated, other insiders will aid Fahd in develop and installing additional tools to unlock the phone that he suggests from a remote location.

The bribes deliver to the insiders both in person and via payment systems such as Western Union. The charges contained in the indictment are only allegations. A person is presumed innocent until proven guilty beyond a reasonable doubt in a court of law. DOJ said.

Sponsored: Best Practices to Strengthen Cyber Security – Manage all the Endpoint networks from a single Console.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Also Read:

An In-Depth Look of IMSI Catcher – A Device for Law Enforcement Agencies to Track Cell Phones

Hoverwatch – The Simple Yet Potent Application to Track a Cell Phone

Website

Latest articles

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio...

Sisence Data Breach, CISA Urges To Reset Login Credentials

In response to a recent data breach at Sisense, a provider of data analytics...

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user...

Cyber Attack Surge by 28%:Education Sector at High Risk

In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average...

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles