Hacks

Former Owner of T-Mobile Retail Store Accessed Internal Systems to Unlock and Unblock Cell Phones

There has been an enormous breach within the internal system of T-Mobile that has caused a lot of damage to the company. T-Mobile’s internal systems were illegally accessed by a former owner of a retail store in order to unblock and unlock cellular phones. 

In addition to profiting $25 million from the hack, the hacker was also able to obtain the credentials of T-Mobile employees illegally.

The 44-year-old hacker, Argishti Khudaverdyan is accused of running a scheme between 2014 and 2019. As part of this scheme, he is accused of unlocking the phones from network operators.

Fraudulent Unlocking Services

The aim of this scheme is to enable these phones to be used with other telecommunication providers so that people could use them with other services.

The scheme was designed to affect mobile providers who have offered the devices at a special price to their customers or even provided them for free.

By locking them in their networks for a certain period of time, they are able to offset the cost. The hacker unlocked the devices that are reported to the company as stolen or lost devices by their rightful owners, and as a result, the company blocked those devices.

This is particularly detrimental when a stolen cellphone is unlocked and used as a tool or a communication medium.

The former T-Mobile store owner, Khudaverdyan, successfully ran this illicit service of unlocking and unblocking the smartphones on the company’s network fraudulently from August 2014 to June 2019. The following carriers’ devices were also unlocked along with T-Mobile:-

  • Sprint
  • AT&T

Using websites such as unlocks247[.]com to promote his unlocking services, Khudaverdyan promotes his unlocking services to potential clients. In addition to spam email, he also used a variety of brokers and other media to reach out to potential clients.

Over 50 T-Mobile employee credentials were compromised by Khudaverdyan in order to perform the unlockings. As a result of social engineering techniques and phishing emails that imitated actual internal correspondence of T-Mobile, the attack was carried out.

Charges

A couple of unauthorized access events were investigated by T-Mobile in 2017. As a result of these investigations, Khudaverdyan was suspected of conducting malicious activities, due to which his contract with the company was terminated.

Here below we have mentioned all the maximum charges that Khudaverdyan could face during his final hearing which was scheduled for October 17:-

  • For each wire fraud, 20 years of imprisonment.
  • For conspiracy to commit money laundering, 20 years of imprisonment.
  • For money laundering, 10 years of imprisonment.
  • For unauthorized computer access, 5 years of imprisonment.
  • For accessing a computer to defraud, 5 years of imprisonment.
  • For aggravated identity theft, 2 years of imprisonment.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates.

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Multiple Splunk Vulnerabilities Attackers Bypass SPL Safeguards : Patch Now

Splunk Inc. has disclosed two significant vulnerabilities within its software suite, posing a considerable risk…

3 hours ago

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report that highlights…

16 hours ago

C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance

In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers,…

17 hours ago

Apple ID “push bombing” Attack Targeting Apple Users to Steal passwords

Apple users are falling prey to a sophisticated phishing campaign designed to hijack their Apple…

19 hours ago

Hackers Using Weaponized Virtual Hard Disk Files to Deliver Remcos RAT

Hackers have been found leveraging weaponized virtual hard disk (VHD) files to deploy the notorious…

20 hours ago

NVIDIA ChatRTX For Windows App Vulnerability Let Attackers Escalate Privilege

A security update released by ChatRTX on March 26th, 2024, addresses two vulnerabilities (CVE-2024-0082 and…

24 hours ago