[VoiceOps] Just got hit with a new attack vector

Robert Dawson RDawson at alliedtelecom.net
Sun Nov 18 08:58:01 EST 2012

This was a Broadworks platform, though any system with similar functionality could be exploited.


On Nov 17, 2012, at 11:35 PM, "Matt Yaklin" <myaklin at g4.net> wrote:

> On Sun, 18 Nov 2012, Robert Dawson wrote:
>> User mailbox was compromised. The attacker called into the extension and
>> left a voicemail while spoofing the number they wanted to call, then called
>> back, logged into the mailbox, retrieved the message, and used the "Callback
>> Caller" option from the playback menu to originate a call back to the
>> spoofed number.
> Pretty clever really.
> What software did the attack compromise?
> An Asterisk release? Custom rolled or a popular ISO release?
> Broadsoft?
> Something else?
> Thanks,
> matt at g4.net
>> I disabled the option in the voice portal to mitigate further attacks.
>> Figured it would be worth sharing.
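
A detection sketch for the sequence described above (voicemail deposit, remote voice portal login, then "Callback Caller" to the deposited caller ID), added here as an example and not part of the original thread or of any Broadworks tooling. The event schema, field names, the 30-minute window and the sample records are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events; the schema is hypothetical, not a Broadworks CDR format.
EVENTS = [
    {"ts": "2012-11-17 09:00:00", "kind": "vm_deposit", "mailbox": "2102", "number": "+10005550123"},
    {"ts": "2012-11-17 13:30:00", "kind": "portal_login", "mailbox": "2102", "remote": False},
    {"ts": "2012-11-17 13:31:00", "kind": "portal_callback", "mailbox": "2102", "number": "+10005550123"},
    {"ts": "2012-11-17 22:01:10", "kind": "vm_deposit", "mailbox": "2101", "number": "+10005550199"},
    {"ts": "2012-11-17 22:03:40", "kind": "portal_login", "mailbox": "2101", "remote": True},
    {"ts": "2012-11-17 22:04:05", "kind": "portal_callback", "mailbox": "2101", "number": "+10005550199"},
]

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%d %H:%M:%S")

def find_callback_abuse(events, window=timedelta(minutes=30)):
    """Return (mailbox, number, deposit_time, callback_time) for each chain of
    deposit -> remote portal login -> callback to the deposited caller ID,
    where the callback follows the deposit within `window`."""
    deposits = {}  # (mailbox, caller ID) -> time of most recent deposit
    logins = {}    # mailbox -> times of remote portal logins
    hits = []
    for event in sorted(events, key=lambda e: _ts(e["ts"])):
        when, mailbox = _ts(event["ts"]), event["mailbox"]
        if event["kind"] == "vm_deposit":
            deposits[(mailbox, event["number"])] = when
        elif event["kind"] == "portal_login":
            # Only logins from outside the subscriber's own line are of interest.
            if event.get("remote"):
                logins.setdefault(mailbox, []).append(when)
        elif event["kind"] == "portal_callback":
            deposited = deposits.get((mailbox, event["number"]))
            if deposited is None or when - deposited > window:
                continue
            # Require a remote login between the deposit and the callback.
            if any(deposited < login < when for login in logins.get(mailbox, [])):
                hits.append((mailbox, event["number"], deposited, when))
    return hits

if __name__ == "__main__":
    for mailbox, number, deposited, called in find_callback_abuse(EVENTS):
        print(f"mailbox {mailbox}: callback to {number} {called - deposited} after deposit")
```

A subscriber who checks voicemail remotely and returns a call quickly will also match, so treat a hit as a triage signal and weigh it against the destination and the mailbox's normal usage.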
