Friday, January 15, 12:08
Home security Hackers exploit VoIP error to attack business accounts

Hackers exploit VoIP error to attack business accounts

Last year, one malicious campaign has put in risk telephone systems VoIP (Voice over Internet Protocol) more than 1.000 companies worldwide.


Although the main purpose of this attack is to sell phone numbers and call plans that others can use for free, access to VoIP systems could enable criminals to carry out more attacks, including listening to private calls, of cryptomining or even the use of compromised systems as a starting point for very serious attacks.

According to Check Point researchers, a team hacking has compromised the VoIP networks of nearly 1.200 organizations in more than 20 countries, with more than half of the victims United Kingdom. Industries such as government, the military, insurance, finance and construction are believed to have fallen victim to the campaign.

Apart from the United Kingdom, other countries such as the Netherlands, Belgium, the United States, Colombia and Germany have also been targeted by similar campaigns.

The attacks take advantage of the CVE-2019-19006, a critical vulnerability in telephone systems Sangoma and Asterisk VoIP that allows third parties to access remotely without any form of authentication. A vulnerability was released last year that fixes the vulnerability, but many organizations have not yet implemented it, leaving them Criminals of cyberspace to continue to exploit it.

"Vulnerability is a flaw in bypassing authentication and exploit is available to the public. Once exploited, hackers have administrator access to the VoIP system, which allows them to control its operations. "This will not be detected unless an IT team specifically looks for it," he told ZDNet. Derek Middlemiss, security researcher at Check Point Research.

One of the most common reasons for compromised systems is to make outgoing calls without being aware of the VoIP system, which would allow intruders to secretly call premium numbers they have created in order to charge the hacked organization. And because businesses make many legitimate phone calls to these systems, it would be difficult to detect if one is being exploited. server.

Organizations are advised to change their default usernames and passwords to Appliances, so that they can not be easily exploited and, if possible, regularly analyze call charges for potentially suspicious destinations, traffic volume or call patterns. Most importantly, organizations must implement the required security updates to prevent the exploitation of known vulnerabilities.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


iOS 14.4: Displays a notification for repairs with non-genuine cameras

Starting with the iPhone 11, Apple has added a notification to iOS that tells the user when the device has a ...

Facebook: Sues Chrome extensions developers for data theft

Facebook has filed a lawsuit against two Portuguese nationals for developing Chrome extensions that collected data from Facebook users.

Cisco does not fix 74 bugs in RV routers that have reached their EOL

Cisco said yesterday that it will not release firmware updates to fix 74 vulnerabilities that have been reported in ...

Hacker commits new crimes while waiting for his release!

A Kosovo hacker was pardoned after his conviction. The hacker provided personally identifiable information over 1.000 ...

Nintendo rules out Game & Watch video hacking

Two copyright claims against a YouTuber have been filed by Nintendo, for a video showing hacking of Super Mario ...

The number of reported CVEs increased by 6%!

According to a new analysis released on the level and volume of vulnerabilities in 2020, the total number of CVEs ...

Google: Removed 164 apps that featured out-of-context ads

Google removed 164 Android applications from the official Play Store, after security researchers discovered that the specific apps were bombarding them ...

Britain: Loss of 150.000 police records from a database

Some 150.000 police records have been deleted from its database as a result of a technical problem, according to the British government.

Hy-Vee: Data breach settlement proposed

The Iowa-based Hy-Vee grocery chain appears to be in the process of settling a data breach.