AT&T says malware secretly unlocked hundreds of thousands of phones

The audacious scheme was carried out with help from AT&T employees, it alleged in court documents.

AT&T said three of its employees secretly installed software on its network so a cellphone unlocking service could surreptitiously funnel hundreds of thousands of requests to its servers to remove software locks on phones.

The locks prevent phones from being used on competing networks and have been an important tool used by cellular carriers to prevent customers from jumping ship. They can be electronically removed, usually after fulfilling a contract obligation, but many websites offer the same service for a small fee with no questions asked.

AT&T's allegations are made in a filing with U.S. District Court for the Western District of Washington in which it accuses two companies, four people and an unknown software developer or developers, of participating in the audacious scheme. AT&T filed its lawsuit on Sept. 11 but it was first reported by Geekwire on Friday.

The carrier first discovered something was amiss in September 2013 when a surge in the number of unlock requests alerted the company to the possible abuse of "Torch," the software used to unlock cellphones, it said in the complaint.

Upon investigation, the company discovered that the logins and passwords of two employees at a center in Washington were responsible for a large number of the requests and those requests happened within milliseconds of each other.

Both employees, Kyra Evans and Marc Sapatin, are named in the lawsuit.

On the computers of Evans and Sapatin, investigators found unauthorized software intended to route unlocking requests from an external source through AT&T's computer system, it said. AT&T says its investigators uncovered numerous iterations of the software, which grew in complexity until it was eventually able to submit the automatic requests.

Investigators later found the software on a computer of a third employee, Nguyen Lam, according to AT&T. All three are no longer working at AT&T.

AT&T says a California-based company called Swift Unlocks and its proprietor, Prashant Vira, were involved in the scheme and paid Evans and Sapatin at least US$20,000 and $10,500 respectively to install the software. But, AT&T concedes that it doesn't know the full extent of Swift Unlocks' involvement.

Swift Unlocks operates a website where people can pay to have the software lock removed from their phones. Charges vary by phone but AT&T users will generally pay $20 or less for the unlocking service.

In all, AT&T says "hundreds of thousands" of phones were unlocked as a result of the scheme. Its charges include computer fraud, breach of loyalty and civil conspiracy and the carrier has asked the court to hear the case in front of a jury.

The defendants could not immediately be reached for comment and are yet to file a reply to the allegations with the court.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Martyn Williams

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?