AT&T Employees Took Bribes To Plant Malware on the Company's Network (zdnet.com) 74
AT&T employees took bribes to unlock millions of smartphones, and to install malware and unauthorized hardware on the company's network, the Department of Justice said yesterday. From a report: These details come from a DOJ case opened against Muhammad Fahd, a 34-year-old man from Pakistan, and his co-conspirator, Ghulam Jiwani, believed to be deceased. The DOJ charged the two with paying more than $1 million in bribes to several AT&T employees at the company's Mobility Customer Care call center in Bothell, Washington. The bribery scheme lasted from at least April 2012 until September 2017. Initially, the two Pakistani men bribed AT&T employees to unlock expensive iPhones so they could be used outside AT&T's network. The two recruited AT&T employees by approaching them in private via telephone or Facebook messages. Employees who agreed, received lists of IMEI phone codes which they had to unlock for sums of money. Employees would then receive bribes in their bank accounts, in shell companies they created, or as cash, from the two Pakistani men.
Re: (Score:2)
Only once the phone is paid for, and even then, if the company subsidized the price of the phone, there may be a certain amount of time before the company is willing to unlock it.
What's surprising is that there weren't automatic blocks to prevent unlocking until a phone was paid-off.
Re: (Score:2)
What's surprising is that there weren't automatic blocks to prevent unlocking until a phone was paid-off.
AT&T (at least at one point - don't know if it still does) had a policy of unlocking phones when a customer went abroad.
Building a block into their business-flow software would prevent that.
Re: (Score:1)
Yes I see. You make a good point. But why stop with the employees? There are non-employees and customers who are doing things AT&T doesn't like as well. I mean AT&T is out to make a profit so "not liking" means impairing their ability to do so. Hurting someone's business via speech and expression is generally considered to override the 1st Amendment when it damages someone's business, surely doing other things not protected by the bill of rights is especially egregious and worthy of civil penalty. H
Non-cash transactors are screwed (Score:2)
Why one earth would someone accept anything other than cash for this? Direct deposit? Dummy corporation? All traceable by people with a lot more skill than the average customer service representative.
Re:Non-cash transactors are screwed (Score:5, Insightful)
Why one earth would someone accept anything other than cash for this?
Well, small time criminals that get caught are not very smart. Countless ones have been caught because they left a paper trail of because they suddenly spend much more money than they should have. The only good way to do this is cash-only, no records, and spend the money slowly and carefully in ways hard to trace to you.
But remember there is a confirmation bias here: These _were_ caught. I would not be surprised if there was much more of this kind of corruption, just perpetrated in a smarter way.
Re: (Score:2)
Re: (Score:1)
Will they be charged as well? What are their names and nationality?
My guess is that they were immigrants as well, because they do work that Americans won't do.
Re: (Score:2)
Will they be charged as well? What are their names and nationality?
I don't have names or nationalities, but I did get a long list of them. Each one was identified as "damn kid".
Re: (Score:2)
And people complain about Russia and China
What is your point? Are you saying that if someone robs a post office we shouldn't complain about somebody else robbing a bank?
And that is why you treat your employees well (Score:3, Insightful)
The only thing that can protect you here is loyal employees. Treat your employees badly and some will be willing to do something like this and the others will not care enough to notice. There is no technological measure and no other way to really protect you against this threat.
Re:And that is why you treat your employees well (Score:5, Insightful)
Yeah, it was 'being treated badly' and not $1M that made the employees do it. Yeah.
Re: (Score:2)
Yeah, it was 'being treated badly' and not $1M that made the employees do it. Yeah.
"Torture", it's called. Well, "emotional torture waiting for the money", but the T word is in it!
Re: (Score:1)
you can never pay a politician enough money to keep him from being corrupt
This is why we need term limits, as in one term and you are out. These people are not so valuable to the nation that they cannot be rotated out regularly. Or as the saying goes, like an infant's diaper we need to change our elected officials often, and for the same reason.
If we do get the rare elected official that is valuable in office then that person can be elected to a higher office. Someone that starts out on a county commission and moves up to POTUS can spend their entire adult life in elected offi
Re: (Score:2)
Maybe have term limits that say no consecutive terms. That means the politician (AND family) is never running for reelection.
And no lobbying jobs in between.
Re: That's just nonsense (Score:2)
Just no. Michigan has had term limits since the 90's and it sucks ass. The legislature is perpetually punting shit down the road and passing nonsense like making drunk driving laws more onerous than is necessary. (I think, at this point, if you get a third offense super drunk, it's something like 5-20 years in prison.) Our roads are falling apart. Our schools are now the worst in the country. Twenty years ago, schools were great and so were the roads.
The reason for all this suckitude is that there's no long
Re: (Score:2)
This is why we need term limits, as in one term and you are out.
You do this and the actual government is the unelected staff that remains after each politician leaves office. They're the only ones with experience, so they're the only ones who can actually get anything done. Which means the neophytes you keep electing hire them, rely heavily on them, and let them run the show.
At least with the multi-decade office holders, there's periodic elections where they could be thrown out. This would be greatly helped if we didn't allow so much gerrymandering, btw.
Re: (Score:2)
This is why we need term limits, as in one term and you are out.
You do this and the actual government is the unelected staff that remains after each politician leaves office. They're the only ones with experience, so they're the only ones who can actually get anything done. Which means the neophytes you keep electing hire them, rely heavily on them, and let them run the show.
At least with the multi-decade office holders, there's periodic elections where they could be thrown out. This would be greatly helped if we didn't allow so much gerrymandering, btw.
This is a strong argument for more limited government. I'm well aware of the government bureaucracy and the steps they'll take to distract elected or appointed officials away from what is happening inside the bureaucracy. A common one when dealing with appointees is to just fill their calendars with public appearances and meetings, they won't have time to actually walk around the agency and see what's really going on, and have to rely on the bureaucracy for any information they receive.
Re: (Score:1)
No, detecting malware that is under remote control and detecting rogue access points on your internal network is IT security 101. There's no need to blame it on HR or employee feels. This was a massive failure by AT&T's network security group.
Re: (Score:2)
You have no idea how hard it is to separate legitimate traffic from non-legitimate traffic in a large corporate network.
Meh (Score:4, Funny)
AT&T estimated it lost revenue of more than $5 million/year from Fahd's phone unlocking scheme.
Their revenue is $170.756 billion. Boo-hoo.
Re: (Score:2)
AT&T estimated it lost revenue of more than $5 million/year from Fahd's phone unlocking scheme.
Their revenue is $170.756 billion. Boo-hoo.
That's .003%! That's HUUUUUGE!
Two Points (Score:3, Informative)
One, the title mentions malware while the TFS makes no mention of it - so good work /. editors.
Two, the malware as described in the TFA:
According to court documents unsealed yesterday, this malware appears to be a keylogger, having the ability "to gather confidential and proprietary information regarding the structure and functioning of AT&T's internal protected computers and applications.
The DOJ said Fahd and his co-conspirator then created a second malware strain that leveraged the information acquired through the first. This second malware used AT&T employee credentials to perform automated actions on AT&T's internal application to unlock phone's at Fahd's behest, without needing to interact with AT&T employees every time.
Which to me sounds more benign than the typical AT&T malware.
The horrible crime of (Score:2)
Unlocking a phone. LMAO. Hope he doesn't get too much time for that.
I don't get the market I guess (Score:1)
AT&T unlocked my iPhone when I called customer service and asked nicely. Free.
Devil's minions duped the Devil (Score:2)
The employees are hired to lie to customers and put unrequested charges on their bills. (They did it to me and friends.) Of course such employees are easily bribed to do evil to the company itself. Being evil is their job requirement.
A study in contrasts (Score:2)
While you spent the last two days all butt hurt over me pointing out that anyone searching for "APK Hosts File" is now sent to your competition, Nilhcem Host Editor Pro, I spent the last two days doing volunteer work.
While you were here doing the same crap you've been doing that for you banned from ars when people there told you off for spamming, I was working with other women to serve over 200 families.
While you rant at me because you cannot deal with the fact that your shit Hosts File is now invisib
Re: (Score:2)
Re: (Score:1)
Yet when AT&T.. (Score:2)
Yet when AT&T puts crap on your phone it's somehow OK.
I've wrotten about this MULTIPLE times (Score:2)
What I have found interesting is how many ppl have called me racists for speaking of what I have seen, which shows why we have such serious security issues in the west, esp. America.
Re: (Score:2)