Mobile store owner hacked T-Mobile employees to unlock phones

T-mobile

A former owner of a T-Mobile retail store in California has been found guilty of a $25 million scheme where he illegally accessed T-Mobile’s internal systems to unlock and unblock cell phones.

Argishti Khudaverdyan, 44, allegedly ran a scheme between 2014 and 2019 where he unlocked devices from the cellular networks of their vendors and enabled people to use them with other telecommunication providers.

This scheme impacted mobile carriers who offer these devices to customers at a special price or even free of charge, offsetting the cost by locking them for some time in their networks.

Additionally, Khudaverdyan unlocked devices the carriers had blocked due to their rightful owners reporting them as stolen or lost.

This action of unlocking stolen cellphones is particularly detrimental because it allows these phones to be sold on a black market, making the theft and reselling of devices very profitable.

“From August 2014 to June 2019, Khudaverdyan fraudulently unlocked and unblocked cellphones on T-Mobile’s network, as well as the networks of Sprint, AT&T and other carriers,” details the announcement of the US Department of Justice.

“Removing the unlock allowed the phones to be sold on the black market and enabled T-Mobile customers to stop using T-Mobile’s services and thereby deprive T-Mobile of revenue generated from customers’ service contracts and equipment installment plans.”

The sentence of Khudaverdyan is to be decided on October 17, 2022, with the maximum imprisonment time for each count being:

  • 20 years for each wire fraud,
  • 20 years for conspiracy to commit money laundering,
  • 10 years for money laundering,
  • 5 years for unauthorized computer access,
  • 5 years for accessing a computer to defraud,
  • and 2 years for aggravated identity theft.

Hacking T-Mobile employee accounts

To find potential clients, Khudaverdyan promoted his unlocking services through websites like “unlocks247.com,” spam email, and various brokers.

The man even engaged in false advertising, presenting these unlocks as “official” T-Mobile services so the clients, in most cases, wouldn’t realize they were involved in an illegal exchange.

To perform the unlocks, Khudaverdyan compromised over 50 T-Mobile employee credentials, many belonging to high-ranking employees with powerful privileges.

This happened through phishing emails that mimicked actual T-Mobile internal correspondence and social engineering, both of which were made easier for Khudaverdyan as he had access to genuine samples from T-Mobile.

“Working with others in overseas call centers, Khudaverdyan also received T‑Mobile employee credentials which he then used to access T-Mobile systems to target higher-level employees by harvesting those employees’ personal identifying information and calling the T-Mobile IT Help Desk to reset the employees’ company passwords, giving him unauthorized access to the T-Mobile systems which allowed him to unlock and unblock cellphones,” explained the DOJ press release.

These stolen credentials were used to access T-Mobile’s internal computer systems, and many times he performed password resets too, locking the account owners out of the system.

In 2017, T-Mobile suspected Khudaverdyan was performing malicious activities after investigating some unauthorized access events and terminated his contract with the company.

The man, however, continued the same fraud by partnering with another owner of a T-Mobile store in Los Angeles, Alen Gharehbagloo, who has also pleaded guilty to three felonies and is scheduled to hear his sentence on December 5, 2022.