Hack Notice

Hack Notice: AT&T employees took bribes to plant malware on the company's network

AT&T employees took bribes to plant malware on the company's network

Source
https://www.zdnet.com/article/at-t-employees-took-bribes-to-plant-malware-on-the-companys-network/
Description
AT&T employees took bribes to unlock millions of smartphones, and to install malware and unauthorized hardware on the company's network, the department of Justice said yesterday. These details come from a DOJ pillowcase opened against Muhammad Fahd, a 34-year-old man from Pakistan, and his co-conspirator, Ghulam Jiwani, believed to be deceased. The DOJ charged the two with paying more than $1 million in bribes to several AT&T employees at the company's Mobility Customer care call middle in Bothell, Washington. OPERATING SINCE 2012 The bribery intrigue lasted from at least April 2012 until september 2017. Initially, the two Pakistani men bribed AT&T employees to unlock expensive iPhones so they could be used outside AT&T's network. The two recruited AT&T employees by approaching them in private via telephone or Facebook messages. Employees who agreed, received lists of IMEI phone codes which they had to unlock for sums of money. Employees would then find bribes in their bank accounts, in shell companies they created, or as cash, from the two Pakistani men. This initial stage of the intrigue last for about a year, until april 2013, when several employees left or were fired by AT&T. THE MALWARE STAGE That's when Fahd changed tactics and bribed AT&T employees to instal malware on AT&T's network at the Bothell phone center. Between April and october 2013, this initial malware collected data on how AT&T infrastructure worked. According to court documents unsealed yesterday, this malware appears to be a keylogger, having the ability to pucker confidential and proprietary information regarding the structure and functioning of AT&T's internal protected computers and applications. The DOJ said Fahd and his co-conspirator then created a endorsement malware strain that leveraged the information acquired through the first. This endorse malware used AT&T employee credentials to perform automated actions on AT&T's internal covering to unlock phone's at Fahd's behest, without needing to interact with AT&T employees every time. In november 2014, as Fahd began having problems controlling this malware, the DOJ said he also bribed AT&T employees to install rogue wireless access points inside AT&T's Bothell phone center. These devices helped Fahd with gaining access to AT&T internal apps and network, and keep the rogue phone unlocking scheme. ONE AT&T EMPLOYEE MADE $428,500 The DOJ claims Fahd and Jiwani paid more than $1 million in bribes to AT&T employees, and successfully unlocked more than two million devices, most of which were expensive iPhones. i AT&T employee received more than $428,500 in bribes over a five year period, investigators said. The DOJ said the two operated iii companies named Endless Trading FZE, Endless Connections Inc., and iDevelopment. The DOJ didn't say if Fahd and Jiwani were unlocking stolen devices, or running a unauthorized phone unlocking website. For some email communications, Fahd used the unlockoutlt@ymail.com address, suggesting the latter scenario. Fahd was arrested in Hong Kong in February 2018, and extradited to the US on August 2, last week. He now faces a litany of charges that may send him behind bars for up to 20 years. AT&T estimated it lost revenue of more than $5 million/year from Fahd's phone unlocking scheme. We make been working closely with law enforcement since this intrigue was uncovered to land these criminals to justice and are pleased with these developments, an AT&T interpreter told ZDNet. The company said this incident did not involve access to customers' personal data.

About HackNotice and AT&T employees took bribes to plant malware on the company's network

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and AT&T employees took bribes to plant malware on the company's network was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of AT&T employees took bribes to plant malware on the company's network their products, services, websites, or applications and you were a client of HackNotice, monitoring for AT&T employees took bribes to plant malware on the company's network you may have been alerted to this report about AT&T employees took bribes to plant malware on the company's network . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If AT&T employees took bribes to plant malware on the company's network had a transgress of consumer data or a data leak, then there may be additional actions that our clients should accept to protect their digital identity. data breaches, hacks, and leaks often lede to and do identity theft, account read overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, password reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct outcome of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that lede to depress client security and digital identities that have been exposed and should be considered vulnerable to attack. HackNotice workings with clients to distinguish the extent that digital identities have been exposed and provides remediation suggestions for how to handle each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that part data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account take overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that bruise consumers. HackNotice applies industry specific knowledge and advanced surety practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to apportion plug notices with their friend, family, and collogues to aid increase awareness around alleged hacks, breaches, or data leaks. HackNotice works to provide clients with sharable reports to help increase the security of our clients personal network. The security of the people that our clients interact with directly impacts the layer of surety of our clients. Increased exposure to accounts that get been taken over by hackers leads to further account take overs through phishing, malware, and other attach techniques.

If you found this plug notice to be helpful, then you may be interested in reading some additional hack notices such as:

eaction to such an incident as proxy for the economic consequences. This is typically conducted thro The yahoo breach disclosed in 2016 may be i of the most expensive today. It may depress the pricle unstructured data  files, documents, and sensitive information. According to the nonprofit

Security hack exposes personal information of more than 50,000 past and present Naperville-area students - Chicago Tribune

Security hack exposes personal information of more than 50,000 past and present Naperville-area students - Chicago Tribune

FBI: Nashville company Asurion paid $300K ransom after private data was stolen - The Tennessean