Search
Close this search box.

AT&T Phone-Unlocking Malware Scheme Costs Company $200 Million and Shines Light on Potential Threats

The News: Last week a U.S. District Court Judge sentenced the ringleader of a seven-year malware scheme to 12 years in prison. The perpetrator groomed employees at an AT&T call center to help him install malware software on AT&T computers that would allow him to remotely unlock the phones and sever it from the carrier. The phone unlocking malware scheme cost AT&T more than $200 million in lost subscription fees. Read more about the case here.

AT&T Phone-Unlocking Malware Scheme Costs Company $200 Million and Shines Light on Potential Threats

Analyst Take: Malware is a constant threat for organizations. An overwhelming majority of malware attacks are spread by unsuspecting employees, which in and of itself is worrisome, but this case highlights another reality — insider threats pose great risks for organizations. Muhammad Fahd, the foreign-born actor, convicted of this scheme, created a fake Facebook profile to lure and bribe employees of a Washington-based AT&T call center to install malware on AT&T computers.

What’s more concerning? In 2013, AT&T found the malware on its network and removed it. Fahd wasn’t phased. He thereafter convinced the employees to provide confidential information about AT&T’s system that he then used to tailor new malware that would work on AT&T’s computers.

The malware granted him access to codes that would sever phones from the company’s network that customers would pay for through a now defunct company called Swift Unlocks. Not sure how this impacted AT&T? Customers who buy phones or other mobile devices through mobile services providers often do so at a discounted rate, but are locked in to the provider, meaning the device can’t be used on another network. Fahd’s scheme severed that connection, which resulted in over $200 million in lost cell subscriptions. This phone-unlocking malware scheme shines a new light on potential threat actors targeting and grooming employees from thousands of miles away.

It’s Bigger Than This Single Case

While the size of the case is troublesome for AT&T’s bottom line, this kind of access and the tailor-made malware could have been used for something much worse, including larger scale cyber stacks, ransomware, or even wide-scale espionage. Employees in call centers and even retail locations are consistently providing a conduit for threat actors. According to a recent survey “2020 Cost of Insider Threats: Global Report” from the Ponemon Institute, insider threats grew 47 percent between 2018 and 2020. The cost of those threats was over $11 million in 2020.

Until now, majority of insider security incidents have been caused by negligent employees, but this phone-unlocking malware scheme highlights the new potential threat that companies need to be prepared for. And when it seems like every day there is a new report of a ransomware attack or cybersecurity breach, educating and working with employees to prevent attacks is a simple solution that can save millions.

Disclosure: Futurum Research is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Other insights from Futurum Research:

Temenos And Zafin Availability On IBM Financial Services Cloud Platform Shows Banking-aaS Technology Stack Starts To Gain Traction

Managing App Sprawl In The Workplace – Futurum Tech Webcast Interview Series

Oracle Announces New Platform Fusion Marketing

Image Credit: ThreatPost

Author Information

Shelly Kramer is a Principal Analyst and Founding Partner at Futurum Research. A serial entrepreneur with a technology centric focus, she has worked alongside some of the world’s largest brands to embrace disruption and spur innovation, understand and address the realities of the connected customer, and help navigate the process of digital transformation. She brings 20 years' experience as a brand strategist to her work at Futurum, and has deep experience helping global companies with marketing challenges, GTM strategies, messaging development, and driving strategy and digital transformation for B2B brands across multiple verticals. Shelly's coverage areas include Collaboration/CX/SaaS, platforms, ESG, and Cybersecurity, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. A transplanted New Yorker, she has learned to love life in the Midwest, and has firsthand experience that some of the most innovative minds and most successful companies in the world also happen to live in “flyover country.”

SHARE:

Latest Insights:

Nick Patience, VP and AI Practice Lead at The Futurum Group shares insights on Google Cloud's strategy in the AI market. The article explores the key announcements and themes from the Google Cloud Summit London, focusing on the company's emphasis on generative AI, enterprise solutions, and data management capabilities.
Accelerating Growth Through Focused Innovation in Mainframe Optimization and AI-Driven Service Management
Steven Dickens, Chief Technology Advisor at The Futurum Group, shares insights on BMC Software’s decision to split into two independent companies. The article explores the strategic implications for BMC and BMC Helix, highlighting potential growth in AI-driven service management and mainframe optimization.
Gagan Gulati, GM at NetApp, joins Krista Case to share his insights on enhancing data resilience amidst the escalating threat of cyber attacks, highlighting the role of IDI in fostering business growth and agility.
Gabie Boko, CMO at NetApp, joins Daniel Newman to share her insights on embracing intelligent data infrastructure for agility in today's hybrid and multi-cloud environments.