A jury found former T-Mobile store owner Argishti Khudaverdyan guilty of using stolen credentials to unlock “hundreds of thousands of cell phones” from August 2014 to June 2019 (via PCMag). According to a Justice Department press release and indictment filed earlier this year, Khudaverdyan earned an estimated $25 million from the scheme, which also involved circumventing carrier blocks placed on lost cellphones. or stolen.
For years, he allegedly used several tactics to acquire the credentials of T-Mobile employees needed to unlock phones, including phishing, social engineering, and even asking the carrier’s IT department to reset the phones. passwords from superiors, thus giving him access. The DOJ says it accessed the credentials of more than 50 employees and used them to unlock phones from “Sprint, AT&T and other carriers.”
According to the indictment, Khudaverdyan was able to access T-Mobile’s unlocking tools over the open internet until 2017. After the carrier moved them to its internal network, Khudaverdyan allegedly used stolen credentials to access this network via Wi-Fi at T-Mobile. stores.
The DOJ says Khudaverdyan co-owned a T-Mobile store called Top Tier Solutions Inc for a few months in 2017, although the carrier eventually terminated the store’s contract due to suspicious behavior. (The other co-owner, Alen Gharehbagloo, was also charged with fraud and unlawful access to computer systems and pleaded guilty.) Over the years, the DOJ says Khudaverdyan marketed his email unlocking services , brokers, and various websites, notifying customers that these were official T-Mobile unlocks.
Khudaverdyan’s indictment describes some of the purchases he and Gharehbagloo made with the money they got from unlocking phones; properties in California, a $32,000 Audemars Piguet Royal Oak watch and a Land Rover. Gharehbagloo and Khudaverdyan are accused of renting a Mercedes-Benz S 63 AMG and a Ferrari 458 respectively. A Rolex Sky-Dweller was also seized from one of the properties.
Khudaverdyan isn’t the only person to get in trouble with the law for unlocking devices or circumventing manufacturer-imposed limits. Last year, a man named Muhammad Fahd was sentenced to 12 years in prison for unlocking around 2 million AT&T phones, and a man named Gary Bowser was recently sent to prison (and fined $10 million) for his role in a company that sold mods for the Nintendo Switch.
In some ways, these types of crimes are sympathetic — it’s hard to feel bad about companies losing revenue they would have earned by limiting what customers can do with their devices. I’m not going to shed tears because the DOJ says that Khudaverdyan’s unblockings “enabled T-Mobile customers to stop using T-Mobile’s services and thereby deprive T-Mobile of revenue generated from service contracts. customer service and equipment installment plans”.
Of course, the fact that these unlocks are illegal means that it’s hard to run an unlock pattern without getting your hands dirty. Scamming T-Mobile employees for their credentials isn’t great, nor is it potentially unlocking the phones of thieves who want to sell them on the black market. But it would be hard for the likes of Khudaverdyan or Fahd to build lucrative, shady businesses doing this sort of thing if carriers made it much easier for customers to do it themselves.
Khudaverdyan faces at least two years in prison for aggravated identity theft, and up to 165 years for charges related to wire fraud, money laundering and unauthorized computer access. A sentencing hearing is scheduled for October 17.