AT&T Phone-Unlocking Malware Scheme Costs Company $200 Million and Shines Light on Potential Threats

The News: Last week a U.S. District Court Judge sentenced the ringleader of a seven-year malware scheme to 12 years in prison. The perpetrator groomed employees at an AT&T call center to help him install malware software on AT&T computers that would allow him to remotely unlock the phones and sever it from the carrier. The phone unlocking malware scheme cost AT&T more than $200 million in lost subscription fees. Read more about the case here.

AT&T Phone-Unlocking Malware Scheme Costs Company $200 Million and Shines Light on Potential Threats

Analyst Take: Malware is a constant threat for organizations. An overwhelming majority of malware attacks are spread by unsuspecting employees, which in and of itself is worrisome, but this case highlights another reality — insider threats pose great risks for organizations. Muhammad Fahd, the foreign-born actor, convicted of this scheme, created a fake Facebook profile to lure and bribe employees of a Washington-based AT&T call center to install malware on AT&T computers.

What’s more concerning? In 2013, AT&T found the malware on its network and removed it. Fahd wasn’t phased. He thereafter convinced the employees to provide confidential information about AT&T’s system that he then used to tailor new malware that would work on AT&T’s computers.

The malware granted him access to codes that would sever phones from the company’s network that customers would pay for through a now defunct company called Swift Unlocks. Not sure how this impacted AT&T? Customers who buy phones or other mobile devices through mobile services providers often do so at a discounted rate, but are locked in to the provider, meaning the device can’t be used on another network. Fahd’s scheme severed that connection, which resulted in over $200 million in lost cell subscriptions. This phone-unlocking malware scheme shines a new light on potential threat actors targeting and grooming employees from thousands of miles away.

It’s Bigger Than This Single Case

While the size of the case is troublesome for AT&T’s bottom line, this kind of access and the tailor-made malware could have been used for something much worse, including larger scale cyber stacks, ransomware, or even wide-scale espionage. Employees in call centers and even retail locations are consistently providing a conduit for threat actors. According to a recent survey “2020 Cost of Insider Threats: Global Report” from the Ponemon Institute, insider threats grew 47 percent between 2018 and 2020. The cost of those threats was over $11 million in 2020.

Until now, majority of insider security incidents have been caused by negligent employees, but this phone-unlocking malware scheme highlights the new potential threat that companies need to be prepared for. And when it seems like every day there is a new report of a ransomware attack or cybersecurity breach, educating and working with employees to prevent attacks is a simple solution that can save millions.

Disclosure: Futurum Research is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Other insights from Futurum Research:

Temenos And Zafin Availability On IBM Financial Services Cloud Platform Shows Banking-aaS Technology Stack Starts To Gain Traction

Managing App Sprawl In The Workplace – Futurum Tech Webcast Interview Series

Oracle Announces New Platform Fusion Marketing

Image Credit: ThreatPost

Author Information

Shelly Kramer is a Principal Analyst and Founding Partner at Futurum Research. A serial entrepreneur with a technology centric focus, she has worked alongside some of the world’s largest brands to embrace disruption and spur innovation, understand and address the realities of the connected customer, and help navigate the process of digital transformation. She brings 20 years' experience as a brand strategist to her work at Futurum, and has deep experience helping global companies with marketing challenges, GTM strategies, messaging development, and driving strategy and digital transformation for B2B brands across multiple verticals. Shelly's coverage areas include Collaboration/CX/SaaS, platforms, ESG, and Cybersecurity, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. A transplanted New Yorker, she has learned to love life in the Midwest, and has firsthand experience that some of the most innovative minds and most successful companies in the world also happen to live in “flyover country.”

SHARE:

Latest Insights:

On episode 265 of The Six Five Pod, Patrick Moorhead and Daniel Newman, hosts of the Six Five podcast, dive into the latest tech news and trends. They discuss HPE Discover highlights, OpenAI's legal battles with Microsoft, and Amazon's AI-driven workforce changes. The hosts debate the ethics of AI companies using web data for training and analyze Intel's strategic shifts under new leadership. They also explore Micron's strong earnings and Nvidia's continued dominance in the AI chip market. Throughout, Patrick and Daniel offer insightful commentary on the rapidly evolving tech landscape, punctuated with their signature banter and industry expertise.
In this episode of The Six Five Media webcast, Logitech’s Rishi Kumar and Microsoft’s Sandhya Rao discuss the new meeting technologies announced at their respective events, focusing on Microsoft Copilot, efficiency gains, and BYOD.
Meta and Oakley Introduce Oakley Meta HSTN, a New Category of Performance AI Glasses Tailored for Athletes and Fans
Olivier Blanchard, Research Director at Futurum, shares insights on Oakley Meta HSTN - smart glasses from Meta and Oakley that blend AI, 3K video, and sport-focused design for hands-free performance and real-world utility.
Jim O'Dorisio, SVP & GM at HPE Storage, joins David Nicholson and Keith Townsend to share insights on transforming storage strategies for a data-driven world, the integration of AI in data management, and the imperative of cyber resilience.

Book a Demo

Thank you, we received your request, a member of our team will be in contact with you.