The US Department of Justice (DoJ) alleged a hacker paid more than $1 million in bribes to AT&T employees as part of a scheme to illegally unlock millions of mobile phones over the course of five years.

In an indictment, the DoJ said 34-year-old Pakistan citizen Muhammad Fahd initially provided the employees with batches of IMEI numbers for phones, which they would then unlock from the network using their AT&T credentials. The DoJ alleged he subsequently bribed the insiders to plant malware in the operator’s internal computer system, enabling him to remotely unlock devices.

Fahd also allegedly paid employees to install unauthorised computer hardware, including wireless access points, in AT&T’s internal network.

The DoJ said Fahd’s goal was to sell the ability to fraudulently unlock phones to subscribers so they “could stop using AT&T wireless services”.

AT&T fired a number of Fahd’s co-conspirators after discovering the malware in late 2013, but he allegedly recruited new helpers to continue the work.

Between 2012 and 2017, the DoJ said more than 2 million phones were illegally unlocked as part of the scheme, costing AT&T millions in lost revenue from service and device payment plans.

Fahd was arrested in Hong Kong on 4 February 2018, and extradited to the US on 2 August to answer charges including wire fraud and conspiracy to violate the Computer Fraud and Abuse Act.

He faces up to 20 years in prison if convicted.