T-Mobile hacker gets 10 years for $25 million phone unlock scheme


Argishti Khudaverdyan, the former owner of a T-Mobile retail store, was sentenced to 10 years in prison for a $25 million scheme where he unlocked and unblocked cellphones by hacking into T-Mobile’s internal systems.

Between August 2014 and June 2019, the 44-year-old man behind the scheme, who was also ordered to pay $28,473,535 in restitution, “cleaned” hundreds of thousands of cellphones for his “customers.”

Khudaverdyan’s contract as the owner of the Top Tier Solutions T-Mobile retail store in California was terminated by the wireless carrier in June 2017 due to his suspicious computer behavior and association with unauthorized unlocking of cellphones.

“From August 2014 to June 2019, Khudaverdyan fraudulently unlocked and unblocked cellphones on T-Mobile’s network, as well as the networks of Sprint, AT&T, and other carriers,” the Department of Justice said in a press release.

“Removing the unlock allowed the phones to be sold on the black market and enabled T-Mobile customers to stop using T-Mobile’s services and thereby deprive T-Mobile of revenue generated from customers’ service contracts and equipment installment plans.”

With co-defendant Alen Gharehbagloo, his former business partner and the co-owner of the mobile store, Khudaverdyan gained access to T-Mobile’s internal computer systems using credentials stolen in phishing attacks from more than 50 different T-Mobile employees.

The stolen credentials were used to access T-Mobile’s internal computer systems, and, in many cases, for password resets which locked the account owners out of the system.

“Working with others in overseas call centers, Khudaverdyan also received T-Mobile employee credentials which he then used to access T-Mobile systems to target higher-level employees by harvesting those employees’ personal identifying information and calling the T-Mobile IT Help Desk to reset the employees’ company passwords, giving him unauthorized access to the T-Mobile systems which allowed him to unlock and unblock cellphones,” US DOJ said in an August press release when Khudaverdyan was found guilty.

Throughout the scheme, they advertised “direct premium unlocking services for all phone carriers” to potential customers through various means, including emails and dedicated websites like,,,, and website website promoting illegal unlocking services (BleepingComputer)

​Using the stolen credentials and the IMEI numbers sent by customers through the websites they controlled, the two men unlocked hundreds of thousands of Android and iOS devices using T-Mobile’s dedicated Mobile Device Unlock (MDU) and MCare Unlock (MCare) tools.

While the MDU tool could only be used by authorized T-Mobile employees, MCare didn’t require authentication as it was based on IP address blocks assigned to T-Mobile/Metro locations.

On at least one occasion, on March 29, 2017, the defendant used his own T-Mobile credential (akhudav1) to log into a T-Mobile Wi-Fi access point from Texas and access the website, directly linking himself to the illegal cellphone unlock scheme.

“Whether the iPhone is clean, financed, blocked or leased, we can perform convenient, factory-grade unlocks on all iPhone and iPad devices that have been iCloud locked without voiding your phone’s warranty,” Khudaverdyan told one potential customer in an email advertising his services, according to the superseding indictment.

“We’ve been unlocking cell phones for years, and our specialty is in providing competitive, iCloud unlocking services and Clean/Financed T-Mobile iPhone services.

“Unlike other companies that use’ hacking unlock’ with the possibility of your iPhone being re-locked in the future, our T-mobile unlock is Official and directly through Apple and T-mobile.”

Alen Gharehbagloo, his former business partner and the co-owner of the mobile store, also pleaded guilty on July 5 to conspiracy to commit wire fraud, accessing a protected computer with intent to defraud, and conspiracy to commit money laundering.

Gharehbagloo’s sentencing hearing is scheduled to take place in two months, on February 23, 2023.

Update December 22, 02:12 EST: Revised article to say Khudaverdyan did not plead guilty.


  • AllOfUsAreHere Photo AllOfUsAreHere – 3 days ago

    So will there be repercussions for the customer involved, or did we not look into that?

  • BlowfishUnlocks Photo BlowfishUnlocks – 3 days ago

    You ever hear of the Feds prosecuting people who bought drugs through El Chapo’s network?

  • Malwarebytes Anti-Malware Logo

    Malwarebytes Anti-Malware

    Version: 4.5.19 4M+ Downloads

  • Windows Repair (All In One) Logo

    Windows Repair (All In One)

    Version: 4.13.1 2M+ Downloads

  • Everything Desktop Search Logo

    Everything Desktop Search

    Version: 21,842 Downloads

  • Zemana AntiLogger Free Logo

    Zemana AntiLogger Free

    Version: 52,187 Downloads

  • Zemana AntiMalware Logo

    Zemana AntiMalware

    Version: NA 304,105 Downloads


Related posts

Lastpass: Hackers stole customer vault data in cloud storage breach

Sarah Henriquez

Hackers now use ‘sock puppets’ for more realistic phishing attacks

Sarah Henriquez

Ukraine warns allies of Russian plans to escalate cyberattacks

Sarah Henriquez

Leave a Comment