Pakistani sentenced to 12 years in prison for bribing AT&T employees

The fraudster bribed employees of the mobile operator to install malware on its networks.

A Pakistani citizen who bribed AT&T employees to install malware on the company’s internal networks has been sentenced to 12 years in prison for illegally unlocking more than 1.9 million phones, causing AT&T $201 million in damage.

According to the US Department of Justice, in the mid-2010s, 35-year-old Muhammad Fahd gave AT&T employees (now fired) a bribe of $1 million.

The illegal activity began in the summer of 2012, when Fahd contacted AT&T call center operators in Bothell, Washington, USA. Using Facebook as his primary means of communication, he promised them a large sum if they agreed to unlock AT&T phones so they could be sold and used outside the company’s network.

To receive the bribes, employees had to set up shell companies and open business bank accounts for them. Fahd recouped the cost of the bribes by selling phone unlocking services through the now-defunct SwiftUnlocks.com website.

However, the fraudulent scheme only worked for a few months, until April 2013, when AT&T introduced new smartphone unlocking procedures and the bribed call center employees either quit or were fired.

Fahd then hired a specialist to create malware and bribed another employee to install it on AT&T call center systems in Bothell.

The first version of the malware was a basic keylogger for collecting information on networks, including employee credentials. The second version was more complex and was deployed in the later stages of the attacks. The malware played the role of a remote access tool and provided an attacker with easy access to internal AT&T applications.

The mobile operator became suspicious when an unusually high number of phone unlocking operations was discovered at the call center in Bothell. The investigation showed that, in total, the participants in the fraudulent scheme illegally unlocked 1,900,033 phones.

AT&T also filed a complaint with the FBI against Fahd’s accomplice, Ghulam Jiwani. Both men were charged in 2017. Fahd was arrested in Hong Kong in 2018, extradited to the United States in August 2019, and pleaded guilty in September 2020.

Facebook Papers Shed Light on Social Media Moderation Issues

The media, to which the company’s internal documents were leaked, claim that the company prioritizes profits over users.

The so-called Facebook Papers (an array of documents released to the public by former Facebook product director Frances Haugen) shed light on the problems with content moderation and the fight against disinformation on the platform. Major media outlets to which Haugen handed the documents, including Reuters, Bloomberg and The Washington Post, argue that the company prioritizes profit over user safety, although Facebook employees have repeatedly warned it of the potential risks.

For example, The Washington Post accuses Facebook head Mark Zuckerberg of downplaying the importance of reports that the site contributed to incitement to hatred, while addressing the US Congress. According to the newspaper, Zuckerberg knew that the problem was actually much more serious than it was reported to the public.

According to internal company documents, the platform removes less than 5% of hateful posts, and senior management (including Zuckerberg) was well aware of the platform dividing people into opposing camps. Facebook denies the allegations and claims its internal documents were misinterpreted.

Zuckerberg is also allegedly responsible for the decision not to suppress misinformation about COVID-19 in the early stages of the pandemic, as there could be a “significant trade-off with the influence of MSI” (meaningful social interaction – an internal Facebook metric). Facebook denies this, claiming that the documents have been misunderstood.

In turn, the news agency Reuters accused Facebook of regularly neglecting developing countries, where posts inciting hatred and calling for extremist action were allowed to be published. In other words, the company did not hire enough moderators with knowledge of the language and culture of these countries to effectively remove such content. Instead, it unjustifiably relied on its automatic moderation systems, which are ineffective in non-English-speaking countries. Again, Facebook denies these allegations.

According to reports from The New York Times, Facebook was well aware that the “Like” and “Share” functions (key elements of the social network) contributed to the spread of hate speech. As stated in a document titled “What Is Collateral Damage”, Facebook’s failure to address this issue will ultimately result in the company “actively (not necessarily knowingly) promoting such activity.” Again, Facebook claims the document was misinterpreted because the company would not harm its users.

Discourse team has released an urgent patch to fix a critical vulnerability

The vulnerability allows remote code execution using a specially crafted request.

The Discourse development team has released an update to address a remote code execution vulnerability in the platform.

Discourse is a popular open source Internet forum and mailing list management software with a client base of over 2,000 customers, including Amazon Seller Central, which has a monthly audience of 30 million users.

The vulnerability (CVE-2021-41163) is a validation error in the upstream aws-sdk-sns gem that can be exploited to remotely execute code using a specially crafted request. The vulnerability, rated at the highest severity (CVSS 10), exists due to a lack of validation of subscribe_url values.

The issue was fixed in Discourse 2.7.9 (stable) and 2.8.0.beta7. The Discourse team did not provide full information about the problem, but the information security expert who discovered the vulnerability, known as joernchen, published some details about it.

Developers are advised to upgrade to Discourse 2.7.9 or higher as soon as possible and, if this is not yet possible, to apply protective measures, in particular blocking requests containing the /webhooks/aws path at the upstream proxy level.
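As an added illustration of the kind of check whose absence the advisory describes (this is not Discourse's or the aws-sdk-sns gem's actual patch), the Ruby sketch below only accepts a `SubscribeURL` from an SNS subscription-confirmation body if it parses as an HTTPS URL on an SNS endpoint host. The helper names, the host pattern for standard AWS regions and the sample messages are assumptions constructed for this example.

```ruby
require "json"
require "uri"

# Assumption: SNS endpoints in standard AWS regions look like sns.<region>.amazonaws.com.
SNS_HOST = /\Asns\.[a-z0-9-]+\.amazonaws\.com\z/

# True only for a plain HTTPS URL on an SNS endpoint host (hypothetical helper).
def safe_subscribe_url?(value)
  return false unless value.is_a?(String)
  uri = URI.parse(value)
  return false unless uri.is_a?(URI::HTTPS)   # rejects http:, file:, relative and opaque values
  return false unless uri.userinfo.nil?       # rejects user@host tricks
  return false unless uri.port == 443
  SNS_HOST.match?(uri.host.to_s.downcase)
rescue URI::InvalidURIError
  false
end

# Returns the URL a webhook handler may confirm, or nil if the message must be dropped.
def subscribe_url_to_confirm(raw_body)
  msg = JSON.parse(raw_body)
  return nil unless msg.is_a?(Hash) && msg["Type"] == "SubscriptionConfirmation"
  url = msg["SubscribeURL"]
  safe_subscribe_url?(url) ? url : nil
rescue JSON::ParserError
  nil
end

# Constructed sample messages (not captured traffic).
GOOD_BODY = JSON.generate(
  "Type" => "SubscriptionConfirmation",
  "SubscribeURL" => "https://sns.us-east-1.amazonaws.com/?Action=ConfirmSubscription&Token=EXAMPLE"
)
BAD_BODY = JSON.generate(
  "Type" => "SubscriptionConfirmation",
  "SubscribeURL" => "https://sns.us-east-1.amazonaws.com.attacker.example/confirm"
)

if __FILE__ == $PROGRAM_NAME
  [GOOD_BODY, BAD_BODY, "not json"].each do |body|
    puts subscribe_url_to_confirm(body).inspect
  end
end
```

A production handler would additionally verify the SNS message signature before acting on any field of the message.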

The skimmer on the SCUF Gaming website stole the data of 33 thousand bank cards

The company warned its customers about possible suspicious activity with their bank cards.

SCUF Gaming International, a major manufacturer of custom gaming PCs and console controllers, notified its users that in February of this year attackers hacked into its website and introduced a malicious script that steals bank card data.

SCUF Gaming users have fallen prey to web skimming, also known as e-skimming, digital skimming, or the Magecart attack. In the course of such attacks, attackers inject JavaScript scripts (so-called skimmers or Magecart scripts) into compromised online stores, which allow them to collect and steal payment and personal data of customers. Typically, the stolen information is then sold on hacking or carding forums or used for fraudulent purposes.

In this case, the script was injected into the SCUF Gaming online store after hackers gained access to the company’s backend server on February 3 using credentials belonging to a third-party vendor. Three weeks later, on February 18, the payment processor notified SCUF Gaming of unusual activity related to credit cards used in the store. A month later, a skimmer was discovered on the site and subsequently removed.

“The investigation found that orders processed through PayPal were not compromised, and the incident is limited to payments and attempted payments using credit cards between February 3 and March 16,” the company said in a notice sent to affected users.

According to the notification, the names and surnames of cardholders, their email and billing addresses, card numbers, their expiration dates and CVVs could have been compromised.

The notification did not indicate the number of victims, but a letter to the attorney general says that the incident affected 32,645 people.

“This notification does not mean that fraud with your account has already taken place. You should monitor your account and notify the card issuer of any unusual or suspicious activity. As a precautionary measure, we recommend that you request a new payment card number from the issuer,” the notification says …
