Tags › cyber crime
If SIPVicious gives you a ring…
Published on Dec 10, 2012 in asterisk, cyber crime, sip security, sipvicious oss, security tools
Note: SIPVicious version 0.28 is out, go get it. I like to keep an eye on the social media and Google alerts for SIPVicious and in the last few months I noticed a rise in mentions of the tools. Specifically, a number of Korean twitter users (who have their service with KT, a VoIP service provider) complaining about receiving a call from a caller-id showing ‘SIPVicious’. After contacting a Korean friend, this led to an interview by a reporter for an article that was published on a Korean tech news site Boan News.…
Read more »11 million Euro loss in VoIP fraud .. and my VoIP logs
Published on Dec 14, 2010 in cyber crime, softphone security, voip security
And the attackers made over 1 million in profits. This just emerged from a raid (and hearing apparently) in Romania and other countries. The two main persons being fingered are Catalin Zlate and Cristian Ciuvat. It seems that they were scanning for PBX servers with phone extensions that have weak passwords. Then they abused these accounts to make phone calls for “free”, except that free has the price of 11 million EUR for the victims!…
Read more »Getting root access on Cisco CallManager 7 and 8 Server, Athcon, updates in new tool tftptheft and the VoIP honeynet challenge
Published on Jun 1, 2010 in conferences, voip security, cyber crime, softphone security, tftp theft
Lots going on right now. The following is a summary: Recurity Labs just published the jail-break for Cisco CallManager (CUCM) v7/8 which I had something to do with ;-) Will be presenting at Athcon on VoIP insecurities and cybercrime- drop me an email if you’ll be there TFTPTheft has been updated to support template filenames Will be posting more on TFTPTheft with use cases and examples. If you do have questions, drop me an email.…
Read more »On breaking phonecall encryption and publishing fake research
Published on Feb 1, 2010 in softphone security, cyber crime
Recently, some “not so anonymous” security researcher posted research on a website called InfoSecurityGuard. It showed how he had broken the encryption provided by various mobile phone security products. Ofcourse this caught the eyes of various journalists who wrote about this without much consideration. So what did this researcher find out? The research focuses on the fact that once you get malicious software on a phone, you can listen on the phonecall even with encryption software in place, such as CellCrypt or Gold-Lock.…
Read more »Phone phreaks are now using call forwarding features to make free phonecalls!
Published on Jan 21, 2009 in cyber crime, caller-id spoofing
Actually, they have been doing that for quite a while; say a couple of years. Yet it still works, and we only hear about it when some organization is hit with a hefty phone bill because their PBX server has been abused. The West Australian is running a feature article on various (undisclosed) cases where PBX systems, some traditional while others are IP-based (and exposed on the Internet) were abused to make phonecalls to foreign countries.…
Read more »VOIP Scanning on the increase
Published on Jan 6, 2009 in voip security, sipvicious oss, security tools, cyber crime
Various service providers and vendors have noticed an increase in VoIP scanning traffic. Arbor Networks mentioned VoIP attacks as one of their increasing concerns. A Norwegian honeynet detected various INVITE requests trying to get VoIP systems on the internet to dial specific numbers. This scan is for open VOIP relays. VoIP attacks are nothing new really and some people in the telco-fraud business seem to have been around for quite a while.…
Read more »Analysis of a VoIP Attack
Published on Oct 24, 2008 in voip security, cyber crime
Klaus Darilion published an interesting paper explaining what happened to German VoIP users and how to mitigate. I suggest that you read this one. Looks like attacks are becoming more and more widespread / mainstream.…
Read more »Homeland Security Dept’s PBX hacked?
Published on Aug 21, 2008 in cyber crime
Ouch! ZDNet have a short article about a misconfigured PBX making 400 calls to some of the hottest countries around: Afghanistan, India, Yemen and Saudi Arabia. Very ugly .. hope that the details emerge. If anyone has more details email me or post here. Promotional message: SIPVicious is free - test your SIP based PBX before someone else does ;-) Update: Apparently it consisted of voicemail hacking you know that thing from the 90s.…
Read more »VoIP and identity fraud on the BBC
Published on May 15, 2008 in cyber crime
The BBC News is running an article highlighting one of the most basic vulnerabilities in the majority of current VoIP providers - the lack of encryption. Indeed, this is a problem since SIP passes an md5 hash of the password as clear text and therefore anyone watching the traffic can perform an offline attack and quickly recover the credentials. The attack has been described in countless blogs, articles and papers by now and some tools are very efficient in demonstrating this issue.…
Read more »Swatters using VoIP to spoof caller id
Published on Mar 14, 2008 in caller-id spoofing, cyber crime
Its no news really to whoever is familiar with swatting, but this is something that recently came into the light in the public media as a few people have been found guilty of this real bad prank. What is swatting? It’s basically someone calling the 911 service, spoofing the callerid and pretending to be under attack from some maniac. What happens then is that a SWAT team is sent to the residence on which the spoofed phone number is registered.…
Read more »