It’s now three months that all of our VoIP systems are logging any hacking attempt, and it’s astonishing to realize that not a day has passed that one of our systems has not been targeted with one or more attempts.

You must be joking...

You must be joking…

Most of these attacks come from 5cr1p7 K1dd13z trying their pot luck from “rogue” countries (China, North Korea, Russia, etc…) where ISPs are not patrolling what happens on their network, but sometimes we’ve been targeted by largest criminal organizations (ab)using powerful services like Amazon EC2.

Our systems ban instantly (less than 1 second) the IP where the attempt comes from, making any further attempt fruitless, and the data gathered by the attackers in this small amount of time almost meaningless and totally useless.

Nevertheless, the relentless flood of idiots trying their luck is endless, and it’s disheartening to think that so many people are dedicating time and effort to attempt to break-in into a VoIP system.

Toll fraud is rife, and when a wannabe hacker can get its dirty mitts onto a vulnerable system, five minutes are enough to make their day, and siphon off a few hundred pounds from some unlucky and clueless novice with a barrage of calls to a premium rate number. Not bad for a few clicks on the GUI of an off-the-shelf ready-made hacking software, nice little earner.

The problem is that telecom companies are willing accomplices in this scam, and pay these crooks without batting an eyelid. Obviously, the fact that these telecom companies are the same that don’t act to stop hackers feasting on their network nicely closes the circle.

“We let them loose, they get the loot, and we cop a slice of it”. Nice job, you scum.

I’ll be reporting every attempt of penetration on our systems, naming and shaming the ISPs that host these low-lives. Just one attempt from your network and your ISP or hosting company is blacklisted FOR LIFE. No way to come back from hell.

In the very near future, I’ll also make available a list of the IPs that have been banned, so if you are interested in securing your VoIP network – help yourself.

Stay tuned, it’ll be a very interesting ride.

Bookmark the permalink.

Comments are closed.