AT&T employees took over $1 million in bribes to plant malware and unlock millions of smartphones: DOJ

”AT&T employees took bribes to unlock millions of smartphones.”

This is quite the 'insider threat' case.

The Department of Justice is charging a Pakistani man with bribing AT&T employees more than $1 million dollars to install malware on the company's network, and to install illegal hardware inside AT&T, in a scheme that unlocked more than 2 million mobile devices on the AT&T network.

Perhaps yours.

Read more about the case in the DOJ's announcement here.

Fast Company tech editor Harry McCracken nails it: “If AT&T employees were willing to do this for bribes, it makes you wonder what else they might have done.”

DOJ says AT&T employees took the bribes from Muhammad Fahd, a 34-year-old man from Pakistan, and his co-conspirator, Ghulam Jiwani, who is believed to be dead.

The two men are charged with paying more than $1 million in bribes to several employees at AT&T's Mobility Customer Care call center in Bothell, Washington.

One AT&T employee made $428,500 in the criminal scheme, DOJ charges.

Catalin Cimpanu at ZDNet reports:

Between April and October 2013, this initial malware collected data on how AT&T infrastructure worked.

According to court documents unsealed yesterday, this malware appears to be a keylogger, having the ability "to gather confidential and proprietary information regarding the structure and functioning of AT&T's internal protected computers and applications.

The DOJ said Fahd and his co-conspirator then created a second malware strain that leveraged the information acquired through the first. This second malware used AT&T employee credentials to perform automated actions on AT&T's internal application to unlock phone's at Fahd's behest, without needing to interact with AT&T employees every time.

In November 2014, as Fahd began having problems controlling this malware, the DOJ said he also bribed AT&T employees to install rogue wireless access points inside AT&T's Bothell call center. These devices helped Fahd with gaining access to AT&T internal apps and network, and continue the rogue phone unlocking scheme.

READ MORE:

AT&T employees took bribes to plant malware on the company's network [ZDNet]

Leader of Conspiracy to Illegally Unlock Cell Phones for Profit Extradited from Hong Kong [justice.gov]

From Twitter, below.

[via techmeme]