T-Mobile Hacker Gets 10 Years for $22.5 Million Phone Unlock Scheme

Argishti Khaudaverdyan was the ex-owner of a T-Mobile retail shop. He had a scheme worth $25 million where he unlocked and blocked cellphones through hacking into T-Mobile internal systems.

The scheme was carried out by a 44-year old man who, between August 2014 and June 2019, “cleaned” thousands of phones for his customers. He also had to pay $28,473,535 restitution.

The wireless carrier terminated Khudaverdyan’s contract to be the proprietor of Top Tier Solutions TMobile’s retail store in California in June 2017, citing his suspicious computer behavior, and associations with unauthorised unlocking cellphones.

In a press release, the Department of Justice stated that Khudaverdyan had fraudulently locked and unblocked cell phones on T-Mobile’s networks, Sprint and AT&T and other carriers.

T-Mobile customers could stop using T-Mobile services by removing the unlock. This allowed T-Mobile to sell the phones on the black marketplace and deprive T-Mobile revenue from equipment installment and service agreements.

Alen Gharehbagloo was his ex-business partner and co-owner of mobile shop. Khudaverdyan was able to access T-Mobile’s internal computers using stolen credentials from over 50 T-Mobile employees.

T-Mobile used the stolen credentials to gain access to its internal systems and in some cases for password resets that locked out account owners.

Khudaverdyan, who was working with other call center workers overseas, also obtained T-Mobile employee credentials. He then used these credentials to gain access to T-Mobile’s systems to target employees at higher levels by harvesting their personal information, calling T-Mobile IT Help Desk, and granting him unauthorised access to T-Mobile’s systems, which allowed him unlock and unblock cell phones.” The US DOJ stated in August’s press release

They advertised the “direct premium unlocking service for all phones” through email and on dedicated websites such as unlocks247.com and swiftunlocked.com.

The two thieves used the stolen credentials as well as the IMEI numbers that customers sent through their websites to unlock hundreds of thousands Android and iOS phones using T-Mobile’s Mobile Device Unlock(MDU) or MCare Unlock (“MCare”) tools.

The MDU tool was only available to authorized T-Mobile employees. However, MCare did not require authentication because it was based upon IP addresses blocks that were assigned to T-Mobile/Metro sites.

The defendant used his T-Mobile Credential (akhudav1) on at least one occasion to log in to a T Mobile Wi-Fi Access Point from Texas to access unlockitall.com, linking him directly to the illegal cell phone unlocking scheme.

Khudaverdyan stated to a potential customer that he could perform factory-grade unlocks of all iPhones and iPads that are iCloud locked, regardless of whether they have been cleanly financed, blocked, or leased.

We have been unlocking phones for many years and are experts in offering competitive iCloud unlocking and clean/financed TMobile iPhone services.

Our T-mobile unlock, unlike other companies using hacking unlock with the potential of your iPhone being locked again in the future is official and done directly by Apple and Tmobile.

Alen Gharehbagloo was his ex-business partner and co-owner at the mobile shop. He pleaded guilty to wire fraud conspiracy, accessing protected computers with intent defraud and money laundering.

Gharehbagloo will be sentenced in just two months. It is set to occur on February 23rd, 2023.