A cross continent toll fraud operation was uncovered by FBI and national law enforcement agencies in Italy, Philippines and other countries.
The investigation has been ongoing since 2006 and relates to conduct ranging from October 2005 through December 2008.
The scam financiers, Pakistani nationals residing in Italy hired the services of professional crackers-for-hire and paid the amount of $100 for each PBX they could break into. Those financiers allegedly used the compromised systems to transmit over 12 million minutes of telephone calls valued at more than $55 million over the hacked networks of victim corporations in the United States alone.
Sunday, June 14, 2009
Saturday, June 13, 2009
Canadian IT company hit with $52,000 bill on toll fraud
SG Magazine bring the same old story we've heard before. misconfigured PBX, voice mail system with default or easy to guess PIN codes, unneeded options turned on (dial out via voice mail system TUI) and one or more individuals eager to make calls to Bulgaria on the expense of the unsuspecting Winnipeg-based HUB Computer Solutions.
Friday, June 12, 2009
Canadian SMBs suffer huge losses on toll fraud
The Hamilton Spectator reports that several small businesses suffer huge loses due to voice mail toll fraud. now these cases are a few month old, but I'll still post it for reference.
The phreaker exploited weak/default PIN codes protecting the voice mail system and were able to dial in to the voice mail system and originate an outgoing international call, in similar to DISA or call forward exploits. it is also a reminder that toll fraud was here long before IPT.
These cases really sums up the recipe for a good toll fraud:
The phreaker exploited weak/default PIN codes protecting the voice mail system and were able to dial in to the voice mail system and originate an outgoing international call, in similar to DISA or call forward exploits. it is also a reminder that toll fraud was here long before IPT.
These cases really sums up the recipe for a good toll fraud:
- PBX and added value components configured in an insecure manner
- Unneeded services and options are left on by default
- Weak authentication meathods, default or easy to guess PIN codes
- No monitoring of system utilization, call logs, abnormal events
- And finally one or more indeviduals with the passion to call some exotic far away place or simply to make money on an unsuspecting PBX owner expense.
Sipera: VoIP Toll Fraud Continues To Escalate
Sipera Systems which specializes in security solutions for IPT released a mini report with the conclusion that even with the growing awareness of VoIP and UC vulnerabilities not much is actually being done to mitigate these threates.
Sipera's Adam Boone highlights the primary security architecture shortcomings leading to toll fraud:
Sipera's Adam Boone highlights the primary security architecture shortcomings leading to toll fraud:
- Telecom Connectivity Vulnerabilities: Many enterprises have moved to SIP trunking for low-cost telecommunications connectivity. Unfortunately, these enterprises often rely on Session Border Controllers for security of real-time VoIP and UC traffic, making them highly vulnerable to toll fraud. In production security architecture analysis, Sipera has identified nine common configuration errors, vulnerabilities and functional limitations that leave enterprises using SBCs for VoIP security exposed to toll fraud risk.
- Application-Level Vulnerabilities: In many cases, application servers, voicemail systems, and other communication systems can be easily exploited by fraudsters because of weak passwords and authentication schemes. Furthermore, security policy enforcement mechanisms in such systems are often inadequate to stop fraudsters from using them to gain access to toll calling facilities.
- End-Point Vulnerabilities: Weak security on user devices and inadequate authentication schemes enable fraudsters to exploit these devices to pose as authorized users and gain access to toll calling facilities.
Monday, April 20, 2009
MIT's IS&T found sniffing on campus traffic
MIT Tech reported that the IS&T, the institute central IT department has been monitoring and recording all ingress and ingress network traffic on campus without an official policy or user notification. the monitoring practice was implemented on 1999 for security and network anomaly detection .
While there are some valid privacy issues here, I'm not going to address it here, you can find the gory details here.
There is something totally different that worries me - the graph showing the network traffic entering IS&T’s network security monitoring system, its a 1Gb interface and guess what...its fully utilized most of the time. Not so great for IDS and legal type applications.
Sunday, February 15, 2009
Can you find a way to eavesdrop Skype? NSA may be willing to pay if you do
According to "The register" NSA is willing to pay billions of dollars to anyone that can offer an eavesdropping solution that will allow the agency to listen on P2P voice calls and IM messages.
Now since Skype isn't making big bucks for parent company eBay, selling a key escrow that will allow NSA to use less computational resources to decrpyt the information might be an easy to generate extra revenue.
Now since Skype isn't making big bucks for parent company eBay, selling a key escrow that will allow NSA to use less computational resources to decrpyt the information might be an easy to generate extra revenue.
Sunday, January 25, 2009
Greeting of prosperity in the Chinese year of Ox - gung hei faat choih 恭喜發財
Wishing gung hei faat choih 恭喜發財
Good luck, success and prosperity in the new Chinese year of the Ox
Good luck, success and prosperity in the new Chinese year of the Ox
Subscribe to:
Posts (Atom)