A cross continent toll fraud operation was uncovered by FBI and national law enforcement agencies in Italy, Philippines and other countries.
The investigation has been ongoing since 2006 and relates to conduct ranging from October 2005 through December 2008.
The scam financiers, Pakistani nationals residing in Italy hired the services of professional crackers-for-hire and paid the amount of $100 for each PBX they could break into. Those financiers allegedly used the compromised systems to transmit over 12 million minutes of telephone calls valued at more than $55 million over the hacked networks of victim corporations in the United States alone.
Sunday, June 14, 2009
Saturday, June 13, 2009
Canadian IT company hit with $52,000 bill on toll fraud
SG Magazine bring the same old story we've heard before. misconfigured PBX, voice mail system with default or easy to guess PIN codes, unneeded options turned on (dial out via voice mail system TUI) and one or more individuals eager to make calls to Bulgaria on the expense of the unsuspecting Winnipeg-based HUB Computer Solutions.
Friday, June 12, 2009
Canadian SMBs suffer huge losses on toll fraud
The Hamilton Spectator reports that several small businesses suffer huge loses due to voice mail toll fraud. now these cases are a few month old, but I'll still post it for reference.
The phreaker exploited weak/default PIN codes protecting the voice mail system and were able to dial in to the voice mail system and originate an outgoing international call, in similar to DISA or call forward exploits. it is also a reminder that toll fraud was here long before IPT.
These cases really sums up the recipe for a good toll fraud:
The phreaker exploited weak/default PIN codes protecting the voice mail system and were able to dial in to the voice mail system and originate an outgoing international call, in similar to DISA or call forward exploits. it is also a reminder that toll fraud was here long before IPT.
These cases really sums up the recipe for a good toll fraud:
- PBX and added value components configured in an insecure manner
- Unneeded services and options are left on by default
- Weak authentication meathods, default or easy to guess PIN codes
- No monitoring of system utilization, call logs, abnormal events
- And finally one or more indeviduals with the passion to call some exotic far away place or simply to make money on an unsuspecting PBX owner expense.
Sipera: VoIP Toll Fraud Continues To Escalate
Sipera Systems which specializes in security solutions for IPT released a mini report with the conclusion that even with the growing awareness of VoIP and UC vulnerabilities not much is actually being done to mitigate these threates.
Sipera's Adam Boone highlights the primary security architecture shortcomings leading to toll fraud:
Sipera's Adam Boone highlights the primary security architecture shortcomings leading to toll fraud:
- Telecom Connectivity Vulnerabilities: Many enterprises have moved to SIP trunking for low-cost telecommunications connectivity. Unfortunately, these enterprises often rely on Session Border Controllers for security of real-time VoIP and UC traffic, making them highly vulnerable to toll fraud. In production security architecture analysis, Sipera has identified nine common configuration errors, vulnerabilities and functional limitations that leave enterprises using SBCs for VoIP security exposed to toll fraud risk.
- Application-Level Vulnerabilities: In many cases, application servers, voicemail systems, and other communication systems can be easily exploited by fraudsters because of weak passwords and authentication schemes. Furthermore, security policy enforcement mechanisms in such systems are often inadequate to stop fraudsters from using them to gain access to toll calling facilities.
- End-Point Vulnerabilities: Weak security on user devices and inadequate authentication schemes enable fraudsters to exploit these devices to pose as authorized users and gain access to toll calling facilities.
Subscribe to:
Posts (Atom)