Latest Threat Research: LetMeowIn – Analysis of a Credential Dumper

Get Informed


Bribery Used on AT&T Employees

Two Pakistani men, Muhammad Fahd, and Ghulam Jiwani, have been named after they allegedly recruited employees from AT&T over the course of five years, spanning from early 2012 until the fall of 2017. Private telephone and Facebook conversations during this time allowed the men to bribe employees at AT&T’s call center location in Bothell, Washington. It is believed that over $1 million USD was used to pay off the employees that obliged to the requests. When they had employees that were on their side, it allowed them to “sell members of the public the results ability fraudulently to unlock phones, so that members of the public could stop using AT&T wireless services.” Or in other words, they wanted the phones unlocked so that they could be used on any network. They would send a unique identity number to the employees of a phone that was not able to be unlocked and then the employee would use their credentials to unlock the phone. On top of this, they also were trying to install and run malware that would give them access to “confidential and proprietary information on how AT&T’s computer network and software applications functioned,” stated the DOJ. This method proved to be somewhat successful as the duo were able to have over two million devices unlocked. It is estimated that AT&T lost around $5 million in revenue due to the tactics used by Fahd and Jiwani. AT&T has been contacted for comment but has yet to release a statement on the matter or to respond at the time of writing.

Analyst Notes

Employees’ lines of communication should be closely monitored. Phone calls should be recorded when using a work line. Access to social media and other means of communication can be shut off while the employee is operating on the company’s network to avoid outside conversation.