[VoiceOps] Hackin attempts to Broadsoft voice portal
Scott Berkman
scott at sberkman.net
Mon Nov 9 11:12:29 EST 2009
Toll fraud is illegal and is actively investigated by multiple federal organizations including the FBI:
http://newark.fbi.gov/dojpressrel/2009/nk061209.htm
If you have the time to try and contact them, that is certainly reasonable for you to do, but keep in mind that in theory they could confiscate your equipment as evidence.
The best thing you can do is fight it from effecting anything. If the attacks really are coming from one specific number (as opposed to changing due to spoofing) you might be able to block the calls at your SBC or other ingress point.
-Scott
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Ujjval Karihaloo
Sent: Sunday, November 08, 2009 1:49 PM
To: Russell McConnachie
Cc: voiceops at voiceops.org
Subject: Re: [VoiceOps] Hackin attempts to Broadsoft voice portal
Thx a lot Russell. We already have those measures in place, just want to see if we can do anything else about these hackers
Ujjval Karihaloo
VP Voice Engineering
IP Phone: +13032428610
E-Fax: +17202391690
SimpleSignal Inc.
88 Inverness Circle East
Suite K105
Englewood, CO 80112
<http://www.simplesignal.com/> bvoip
From: Russell McConnachie [mailto:russell at mcconnachie.ca]
Sent: Sunday, November 08, 2009 11:45 AM
To: Ujjval Karihaloo
Cc: voiceops at voiceops.org
Subject: Re: [VoiceOps] Hackin attempts to Broadsoft voice portal
Hi Ujjval
I have had this problem also with malicious hackers attacking my voicemail boxes and making outbound calls to International destinations (Usually the Phillipines).
For the time being - I have disabled all outbound dialing through the Voice Portal. If my subscribers want a function such as this they can either use one of two things.
1. Remote Office
2. BroadWorks Anywhere.
Also increasing the password policies for Voice Portal/Voice Mail Passwords does help, No longer do I allow passwords which are shorter than 5 characters (As most attackers use the default 0000, 1234, 7890 password combinations).
I am in Canada and I haven't found anything I can do besides that.
Thanks
On Sun, Nov 8, 2009 at 10:26, Ujjval Karihaloo <ujjval at simplesignal.com> wrote:
Lot of failed attempts from 1 particular number.... 15096346223.
Seems to be scanning thru voice mail boxes serially attempting passwds & locking them out.
Last time v saw this i tracked this to be a magic jack number, i called back & a person answered & said that he can fix my voice mail for me if i gave him my password. I emailed magicjack support & they never responded.
Is there anything we can do to bring these malicious hackers to justice? Any one has experience un this area legally given that these hackers are mostly outside the US.
Ujjval Karihaloo
VP Voice Engineering
SimpleSignal Inc.
IP Phone: +13032428610
Sent from my iphone
_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20091109/88657cf5/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 3391 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20091109/88657cf5/attachment.jpe>
More information about the VoiceOps
mailing list