Jury finds former T-Mobile store owner Argishti Khudaverdyan used stolen credentials to unlock “hundreds of thousands of cellphones” between August 2014 and June 2019 (pass PCMag).according to Department of Justice press release In an indictment filed earlier this year, Khudaverdyan made about $25 million from the scheme, which also involved bypassing carrier blocks on lost or stolen phones.
He reportedly used a variety of tactics over the years to gain access to the T-Mobile employee credentials needed to unlock the phone, including phishing, social engineering, and even having the carrier’s IT department reset the superior’s password to gain access. The Justice Department said he accessed the credentials of more than 50 employees and used them to unlock phones from “Sprint, AT&T and other carriers.”
According to the indictment, Khudaverdyan was able to access T-Mobile’s unlocking tools over the open internet until 2017. After the carrier moved them to its internal network, Khudaverdyan allegedly used the stolen credentials to access the web store over T-Mobile’s Wi-Fi.
The DOJ said Khudaverdyan co-owned a T-Mobile store called Top Tier Solutions Inc for several months in 2017, but the carrier eventually terminated the store’s contract for questionable behavior. (Another co-owner, Alen Gharehbagloo, has also been charged with fraud and illegal access to computer systems and has pleaded guilty.) Over the years, Khudaverdyan has marketed his unlocking services through email, brokers and various websites, telling customers they Is the official T-Mobile unlock.
Khudaverdyan’s indictment describes some of the purchases he and Gharehbagloo made with money from unlocked phones; California property, $32,000 Audemars Piguet Royal Oakand Land Rover. Gharehbagloo and Khudaverdyan are accused of renting a Mercedes-Benz S 63 AMG and Ferrari 458 respectively. A Rolex Sky-Dweller was also seized from one of the properties.
Khudaverdyan is not alone in breaking the law by unlocking devices or otherwise bypassing restrictions imposed by manufacturers. Last year, a man named Muhammad Fahd was sentenced to 12 years in prison for unlocking some 2 million AT&T phones, and a man named Gary Bowser was recently accused of selling mods for the Nintendo Switch at a store.
In some ways, these types of crimes are compassionate — and it’s hard to feel bad for companies that lose out on the revenue they make by limiting what customers can do with their devices. I won’t cry, because the DOJ said Khudaverdyan’s unlocking “discontinues T-Mobile customers from using T-Mobile’s service, thereby depriving T-Mobile of revenue from customer service contracts and device installment plans.”
Of course, the fact that this unlocking is illegal means that it is difficult to run the unlocking scheme without getting your hands dirty. Spoofing a T-Mobile employee’s credentials isn’t great, nor is unlocking a phone for a thief who wants to sell it on the black market. But if carriers make it much easier for customers to do it themselves, it will be hard for someone like Khudaverdyan or Fahd to build a lucrative and shady business to do this kind of thing.
Khudaverdyan faces a minimum of two years in prison for aggravated identity theft, as well as charges related to wire fraud, money laundering and unauthorized computer access, up to 165 years in prison. A sentencing hearing is scheduled for October 17.
