Man Accused Of Unlocking Millions Of Phones On Mobile Network Now Facing Up To 20 Years In Prison

Man Accused Of Unlocking Millions Of Phones On Mobile Network Now Facing Up To 20 Years In Prison
To sign up for our daily newsletter covering the latest news, features and reviews, head HERE. For a running feed of all our stories, follow us on Twitter HERE. Or you can bookmark the Gizmodo Australia homepage to visit whenever you need a news fix.

In some ways, Muhammad Fahd could be seen as the Robin Hood of tech, except that instead of stealing money from the rich and giving it back to the poor, he liberated phones from being locked down by a single carrier. American mobile carrier AT&T and the U.S. government probably don’t see it that way, though, because after being arrested in Hong Kong in 2018 and extradited back to the U.S. last week, Fahd is now facing a litany of charges from the U.S. Department of Justice.

According to the U.S Attorney’s Office from the Western District of Washington, Fahd is accused of orchestrating a scheme in which he paid AT&T employees to prematurely unlock phones that were tied to AT&T’s network so that the owners of those phones could use their devices on other carriers.

The DOJ claims that over five years, Fahd’s scheme “resulted in millions of phones being removed from AT&T service and/or payment plans, costing the company millions of dollars.” The DOJ also says that at least one co-conspirator who worked as an insider within AT&T was paid more than $US400,000 ($591,757) to help facilitate the illegal unlocking process.

Typically, when someone buys a new phone from a carrier, the device is locked to that network until the end of a contract or the device is fully paid off, at which point the phone owner can request the carrier to unlock the device so it can be used on another company’s network.

So in order to bypass this restriction, Fahd would obtain the IMEI (International Mobile Equipment Identity) number of a phone from a potential client, and then forward that number to an employee at AT&T who would then use their company credentials to unlock the device.

Later on, after some of Fahd’s co-conspirators lost their jobs at AT&T, Fahd allegedly even had one of his remaining AT&T insiders deploy hacked routers and install malware inside AT&T’s company network so that Fahd could unlock phones remotely without needing to relay IMEI numbers to employees within AT&T.

The DOJ says that currently, three former AT&T employees have pleaded guilty to assisting Fahd in his scheme, while Fahd faces a laundry list of charges including four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of international damage to a protected computer, four counts of violating the Travel Act, and more.

If found guilty, Fahd could spend up to 20 years in prison, though ultimately, sentencing will be determined based on court guidelines and other regulations. Also, while Fahd may appear to be on the side of the little guy, his operation wasn’t exactly a purely altruistic endeavour either, as U.S. attorney Brian T. Moran said Fahd made “millions of dollars while he induced young workers to choose greed over ethical conduct.”

Then again, between 2012 and 2017, when Fahd was running his scheme, the rules for unlocking phones in America weren’t always quite as clear or as accommodating as they are now. Depending on your carrier, even at the end of a two-year contract (which was the norm back then), there were no rules forcing carriers to unlock a phone, which meant that some devices were locked to a single carrier forever.

The big change didn’t come in the U.S. until August 2014, when Barrack Obama signed the Unlocking Consumer Choice and Wireless Competition Act into law, which forces carriers to comply with the device owner’s request to unlock the device in order to switch to another carrier, so long as the device has been paid off.

So while Fahd may have broken laws and made a bunch of money in the process, his scheme also potentially provided an important service to customers, a service that wasn’t fully being addressed by carriers at the time.

An AT&T spokesperson provided Gizmodo with an official statement from the company: “We have been working closely with law enforcement since this scheme was uncovered to bring these criminals to justice and are pleased with these developments.” 

AT&T also added that the incident detailed above “did not involve any improper access or compromise of customer information, or affect our customers in any way.”