A man allegedly carried out a wild scheme to bribe AT&T employees and unlock millions of phones

Is an AT&T retail store in Miami
Lynne Sladky/AP/Shutterstock

AT&T, like most mobile carriers, wants to keep people on their network for as long as possible. One way of doing that is locking a person's phone to their network, making it impossible to use the device with any other carrier's service. For most people, there's not much they can do about the restriction. Muhammad Fahd found a way around the lock, not just for his phone but allegedly for millions of devices locked to AT&T's network. Turns out all it takes is about $1 million worth of bribes paid to AT&T employees.

Fahd, a 34-year-old Pakistani man, is accused by the United States Department of Justice of carrying out a multi-year scheme in which he paid off AT&T workers in order to gain access to phones and illegally unlock the devices. Fahd and his alleged co-conspirator Ghulam Jiwani spent five years putting cash in the pockets of people working at AT&T's Mobility Customer Care call center in Bothell, Washington, spending "hundreds of thousands of dollars" including $428,500 to a single AT&T employee. During that time, they are believed to have unlocked more than two million devices, allowing them to be moved off of AT&T's network and supposedly costing the company millions of dollars.

The way things normally work when you buy a new phone from a carrier is the company keeps you locked to their network until the contract runs its course or the device is paid off in full. At that point, the phone's owner can request the company unlock the device and allow them to take it to another carrier. To get around that pesky process, Fahd allegedly collected the International Mobile Equipment Identity (IMEI) of a device from its owner and would then send that number to one of his insiders working at AT&T, who would use their access to the company's internal systems to unlock the device.

According to the DOJ's account, Fahd's plan hit a somewhat significant snag when some of his people on the inside lost their jobs at AT&T. Instead of giving up, Fahd simply developed a new, somehow even more brazen approach. He got in touch with his remaining connections within the company and allegedly got them to set up hacked routers within the AT&T Mobility Customer Care building and deployed malware on the devices of other AT&T employees. The malware was a keylogger, which when installed on a device can record every single keystroke that a person makes. Using that malicious software, Fahd was said to have recorded the login credentials including usernames and passwords of AT&T employees. With that level of access, he no longer needed to rely the IMEI to people on the inside. He could complete the entire process on his own, done remotely without requiring access to the company's facilities.

Fahd allegedly was involved in three different businesses called Endless Trading FZE, Endless Connections Inc. and iDevelopment. It's not entirely clear how those businesses may have been connected to his scheme, though, and none of the businesses have much of a web presence. The Department of Justice didn't specify in its charges if they believe Fahd and his co-conspirator were unlocking stolen phones for people or if they were operating a phone unlocking business that helped people get out of AT&T's restrictions. It seems likely, though, that Fahd was making money selling his alleged unlocking services to others.

It's worth noting that during much of the time that Fahd was allegedly carrying out his scheme, carriers often wouldn't allow people to take their devices to another carrier. It wasn't until 2014 that a bill was signed into law that made it legal to unlock phones and allow them to be moved to other services. It took another year to actually require mobile service providers to unlock devices for consumers, allowing them to switch to another carrier while keeping their device. So for at least some of the time that Fahd was supposedly operating, his clients didn't have another way to get their phone off of AT&T's network. Obviously that doesn't change the fact that what he allegedly did was illegal, but in the eyes of the people he was helping, he likely appeared as more of a Robin Hood figure than as a criminal.

Despite Fahd's somewhat altruistic approach to device unlocking, the Department of Justice would like to put him behind bars — perhaps understandable considering he cost AT&T more than $9.5 million, according to prosecutors. Fahd has been extradited to the U.S. from Hong Kong, where he was staying. He's facing a total of 14 charges, including conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act. If convicted, he'll face up to 20 years in prison. That's a type of lock up that he likely won't be able to work around.