AT&T Employees Took Bribes To Plant Malware On Company's Network

from the ill-communication dept

The DOJ this week announced that AT&T employees have been paid more than $1 million in bribes to unlock millions of smartphones, and to install malware and unauthorized hardware on the company’s network. According to the full DOJ complaint (pdf), Muhammad Fahd, a 34-year-old man from Pakistan, and a (presumed dead) co-conspirator, Ghulam Jiwani, paid off AT&T employees at the company’s Mobility Customer Care call center in Bothell, Washington. In return, from April 2012 until September 2017, the two men unlocked iPhones so they could be used on another carrier’s network.

Worse, the bribed employees happily installed malware and keyloggers providing broad access to the AT&T network. That includes keyloggers intended to gather data on AT&T’s internal systems and processes:

The DOJ said Fahd and his co-conspirator then created a second malware strain that leveraged the information acquired through the first. This second malware used AT&T employee credentials to perform automated actions on AT&T’s internal application to unlock phones at Fahd’s behest, without needing to interact with AT&T employees every time. In November 2014, as Fahd began having problems controlling this malware, the DOJ said he also bribed AT&T employees to install rogue wireless access points inside AT&T’s Bothell call center. These devices helped Fahd with gaining access to AT&T internal apps and network, and continue the rogue phone unlocking scheme.

Carriers have had a bit of a problem with rogue employees being bribed. Similar tactics have been used by hackers engaged in “SIM hijacking,” which involves posing as a wireless customer, then fooling a wireless carrier into porting the victim’s cell phone number right out from underneath them, letting the attacker then pose as the customer to potentially devastating effect. Both AT&T and T-Mobile have subsequently been sued after instances where SIM hijacking then led to identity and cryptocurrency theft, though both companies have been busy trying to dodge culpability for failing to keep consumer data secure.

The DOJ notes that one AT&T employee received more than $428,500 in bribes over a five-year period. And the operators of the scam appear to have been focused on running an illegal phone unlocking ring via a number of bogus companies including Endless Trading FZE, Endless Connections Inc., and iDevelopment. Fahd was arrested in Hong Kong in February 2018, and extradited to the US last week. AT&T, meanwhile, states that it lost upwards of $5 million in revenue annually as the result of the unlocking scheme. The DOJ does not detail the breadth and scope of the private data accessed via the malware planted by the duo.

Granted, while the DOJ and government regulators were quick to run to AT&T’s assistance in this instance, they’ve been far more hesitant to police AT&T’s own, direct role in failing to secure customers’ private data. No action has been taken (nor criticism levied) against AT&T for failing to police SIM hijacking scams being run on its own customers, nor has any agency taken action in response to revelations that AT&T and other mobile carriers spent years selling private customer location data to a universe of shady middlemen.

Companies: at&t


Comments on “AT&T Employees Took Bribes To Plant Malware On Company's Network”

That Anonymous Coward (profile) says:

Well they watched all the money the top brass were earning allowing the NSA to deploy malware & compromise the network, so why not get your own side hustle?

Oh noes they unlocked phones!!!
Seems a bit less of a problem than sim swapping people to steal, or selling location data to anyone with the cash…

But then the Government is here to protect our corporate overlords while pretending they protect us.
