SEATTLE —A Pakistani man accused of bribing AT&T employees at a Bothell customer service center to unlock more than 2 million cellphones made his initial appearance on a 14-count federal indictment in U.S. District Court in Seattle Aug. 5.

Muhammad Fahd, 34, was arrested in Hong Kong at the request of the United States on Feb. 4, 2018. He was extradited to the U.S. on Friday, Aug. 2.

According to a Department of Justice release, Fahd is alleged to have paid insiders at the Bothell facility in the neighborhood of $1 million to plant malware and tap into computer networks to unlock the phones.

Man accused of bribing employees to plant malware at Bothell AT&T

An AT&T Bothell customer service center was the scene of an elaborate cybercrime that cost the company more than $9.5 million. Photo by Bob Kirkpatrick/EastSide Media

He is facing up to 20 years imprisonment if convicted of these crimes.

“This defendant thought he could safely run his bribery and hacking scheme from overseas, making millions of dollars while he induced young workers to choose greed over ethical conduct,” U.S. Attorney for the Western District of Washington Brian T. Moran said in an Aug. 5 statement. “Now he will be held accountable for the fraud and the lives he has derailed.”

AT&T said in a statement that the company has "been working closely with law enforcement since this scheme was uncovered to bring these criminals to justice and are pleased with these developments.”

According to court documents, a second superseding indictment returned in January 2018, describes how Fahd recruited and paid AT&T insiders to use their computer credentials and access to disable AT&T’s proprietary locking software that prevented ineligible phones from being removed from AT&T’s network.

The scheme resulted in millions of phones being removed from AT&T service and/or payment plans, costing the company more than $9.5 milion.

The DOJ also charged Ghulam Jiwani, one of Fahd's alleged co-conspirators. Jiwani was arrested in Hong Kong, but died prior to being transferred to United States custody, a court document read.

The U.S. Marshals Service transported Fahd back to the United States.

“This arrest illustrates what can be achieved when the victim of a cyber-attack partners quickly and closely with law enforcement,” said Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division. “When companies that fall prey to malware work with the Department of Justice, no cybercriminal—no matter how sophisticated their scheme—is beyond our reach.”

According to the indictment, between 2012 and 2017, Fahd recruited various AT&T employees to the conspiracy. Some early recruits were paid to identify other employees who could be bribed and convinced to join the scheme.

To date, three of those co-conspirators have pleaded guilty admitting they were paid well into the six-figure range for facilitating Fahd’s fraudulent scheme.

Marc Sapatin has pleaded guilty to conspiracy to commit wire fraud, computer fraud and abuse, and conspiracy to commit money laundering. He is facing up to 30 years imprisonment and $750,000 in fines. Sapatin has agreed to pay $441,500 in restitution to AT&T. Devaughn Woods also pleaded guilty to conspiracy to commit wire fraud, computer fraud and abuse, and conspiracy to commit money laundering. He too faces up to 30 years imprisonment and fines up to $750,000. Woods agreed to pay $155,032 in restitution. Kyra Evans pleaded guilty to conspiracy to commit wire fraud, computer fraud and abuse and making a false statement. She faces up to 8 years imprisonment and $350,000 in fines. Evans agreed to pay restitution in the amount of $280,200.

The U.S. Secret Service Electronic Crimes Task Force is investigating this case.

(0) comments

Welcome to the discussion.

Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.