Wednesday, December 6, 2023

Paid Insiders Upload a Malware in AT&T Network and Unlocks Over 2 Million AT&T Phones

A recruiter from AT&T charged in a 14-count, U.S to have a paid insiders to planting malware on telecommunications giant AT&T Network for committing unauthorized access and computer networks to unlock cellphones.

Muhammad Fahd, 34, was arrested in Hong Kong on Feb. 4, 2018, and extradited to the United States for the indictment that alleges how Fahd recruited several paid insiders and granted permission to use computer credentials.

These sensitive credentials granted access to disable AT&T’s proprietary locking software that prevents ineligible phones from being removed from AT&T’s network.

This software feature was misused by insiders and resulted in millions of phones being removed from AT&T service and payment plans that lead to company loss million of dollars.

Paid Insiders were worked in AT&T’s Bothell Customer Service Center to Plant Malware, and Illegally unlock Cell Phones by planting malware.

According to DOJ, Muhammad Fahd is charged with conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act.

Muhammad and his co-conspirators spend more than $1 million in bribes over five years to install malware and spying devices.

A Phone that purchased by customer under interest-free installment plan from AT&T needs to agree to enter a service contract which prevents users to use only AT&T wireless network.

AT&T used proprietary software that prevents users to access any other networks other than AT&T networks, in case, the phone will be “unlocked” the customers will be allowed to use any network rather than AT&T.

If the phone is fraudulently unlocked without AT&T authorization, customers switched to other services and allowing them from being easily sold.

Fahd and those who worked with him are accused of recruiting AT&T employees to help unlock phones from the inside, paying one worker as much as $428,500 over five years.

Department of Justice indictment unsealed, Fahd allegedly would send the employees batches of international mobile equipment identity (IMEI) numbers for cell phones that were not eligible to be removed from AT&T’s network. The employees would then unlock the phones. 

Even if some of the paid insiders will be terminated, other insiders will aid Fahd in develop and installing additional tools to unlock the phone that he suggests from a remote location.

The bribes deliver to the insiders both in person and via payment systems such as Western Union. The charges contained in the indictment are only allegations. A person is presumed innocent until proven guilty beyond a reasonable doubt in a court of law. DOJ said.

Sponsored: Best Practices to Strengthen Cyber Security – Manage all the Endpoint networks from a single Console.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Also Read:

An In-Depth Look of IMSI Catcher – A Device for Law Enforcement Agencies to Track Cell Phones

Hoverwatch – The Simple Yet Potent Application to Track a Cell Phone


Latest articles

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles