Interesting People mailing list archives
Re: Asterisk VoIP switch hacked for robo phishing expedition
From: David Farber <dave () farber net>
Date: Tue, 19 May 2009 09:49:45 -0400
Begin forwarded message: From: Jerry Glomph Black <glomph () glomph com> Date: May 19, 2009 8:39:35 AM EDT To: dave () farber net, Larry Vaden <vaden () texoma net>Subject: Re: [IP] Asterisk VoIP switch hacked for robo phishing expedition
This is most probably NOT a hack. Many versions of asterisk, if not properly configured, will allow calls through them via SIP or IAX.
FBI? Oh, please. You cannot declare a 'hack' anymore than you can declare a 'break-and-enter' when you leave your house for a week with the doors wide open, a pile of cash on the doorstep, and the lights on.
You must be sure that the [default] context does nothing useful, such as routing toll calls. Ditto for whatever context the IAX guest account uses. And all SIP and IAX listeners must have some form of authentication, or -very- restricted dialplan contexts.
On Tue, May 19, 2009 at 11:54 AM, David Farber <dave () farber net> wrote: Begin forwarded message: From: Larry Vaden <vaden () texoma net> Date: May 18, 2009 8:36:46 PM EDT To: David Farber <dave () farber net>, ip <ip () v2 listbox com> Subject: Asterisk VoIP switch hacked for robo phishing expedition Dr. Farber, For IP if you wish: Although likely not a case of first impression, if you operate an Asterisk VoIP switch, you may be interested in the fact that ours was hacked to make robo phishing calls to collect debit and credit card information from unsuspecting folks. We believe standard security precautions were in place. According to call detail records, the destination numbers were of the form 314-49?-???? (St Louis area cell phones). We notified the FBI in St Louis, MO. and in Sherman, TX, earlier today that we were receiving a large number of inbound calls/complaints. At the time of notification to the FBI, we did not realize our switch had been compromised. We learned our switch was compromised about an hour ago. Kind regards/ldv Larry Vaden Internet Texoma, Inc. ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Asterisk VoIP switch hacked for robo phishing expedition David Farber (May 19)
- <Possible follow-ups>
- Re: Asterisk VoIP switch hacked for robo phishing expedition David Farber (May 19)