[VoiceOps] Just got hit with a new attack vector
Robert Dawson
RDawson at alliedtelecom.net
Sun Nov 18 08:58:01 EST 2012
This was a Broadworks platform, though any system with similar functionality could be exploited.
Sent from my iPad
On Nov 17, 2012, at 11:35 PM, "Matt Yaklin" <myaklin at g4.net> wrote:
>
>
> On Sun, 18 Nov 2012, Robert Dawson wrote:
>
>> User mailbox was compromised. The attacker called into the extension and
>> left a voicemail while spoofing the number they wanted to call, then called
>> back, logged into the mailbox, retrieved the message, and used the "Callback
>> Caller" option from the playback menu to originate a call back to the
>> spoofed number.
>
> Pretty clever really.
>
> What software did the attack compromise?
> An Asterisk release? Custom rolled or a popular ISO release?
> Broadsoft?
> Something else?
>
> Thanks,
>
> matt at g4.net
>
>> I disabled the option in the voice portal to mitigate further attacks.
>> Figured it would be worth sharing.
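
The sequence described in this thread (a voicemail deposit carrying a chosen caller ID, then a portal login and a "Callback Caller" to that same number) leaves a pattern that can be searched for in call records. The following is an added example, not from the thread or from any vendor's tooling; the event types, field names, 30-minute window and sample records are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed voice-portal events. Event types and field names are
# hypothetical, not any real platform's CDR format.
EVENTS = [
    {"ts": "2012-11-17 02:10:00", "type": "vm_deposit", "mailbox": "2001", "caller_id": "+15550100123"},
    {"ts": "2012-11-17 02:12:30", "type": "portal_login", "mailbox": "2001", "source": "+15550100999"},
    {"ts": "2012-11-17 02:13:05", "type": "portal_callback", "mailbox": "2001", "dest": "+15550100123"},
    # Ordinary use: owner logs in from their own extension hours later.
    {"ts": "2012-11-17 09:00:00", "type": "vm_deposit", "mailbox": "2002", "caller_id": "+15550100456"},
    {"ts": "2012-11-17 13:30:00", "type": "portal_login", "mailbox": "2002", "source": "2002"},
    {"ts": "2012-11-17 13:31:00", "type": "portal_callback", "mailbox": "2002", "dest": "+15550100456"},
]

FMT = "%Y-%m-%d %H:%M:%S"
WINDOW = timedelta(minutes=30)  # assumed threshold; tune per site


def find_callback_abuse(events, window=WINDOW):
    """Flag callbacks that follow a recent deposit from the same number
    and a portal login from outside the mailbox's own extension."""
    deposits = {}    # (mailbox, caller_id) -> time of latest deposit
    last_login = {}  # mailbox -> source of latest portal login
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.strptime(ev["ts"], FMT)
        mbox = ev["mailbox"]
        if ev["type"] == "vm_deposit":
            deposits[(mbox, ev["caller_id"])] = ts
        elif ev["type"] == "portal_login":
            last_login[mbox] = ev["source"]
        elif ev["type"] == "portal_callback":
            left = deposits.get((mbox, ev["dest"]))
            recent = left is not None and ts - left <= window
            remote = last_login.get(mbox) != mbox
            if recent and remote:
                alerts.append({
                    "mailbox": mbox,
                    "dest": ev["dest"],
                    "login_source": last_login.get(mbox),
                    "seconds_after_deposit": int((ts - left).total_seconds()),
                })
    return alerts


if __name__ == "__main__":
    for alert in find_callback_abuse(EVENTS):
        print(alert)
```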