U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Cyber attacks against VOIP systems on the rise

Security experts at Nettitude reported that VoIP (Voice over IP) infrastructures worldwide are targeted by a growing number of cyber attacks. A new wave of attacks against Voice over IP (VoIP) systems is targeting UK businesses, security experts believe that a surge was advantaged by the greater availability of hacking tools in the criminal underground. […]

Cyber attacks against VOIP systems on the rise

Security experts at Nettitude reported that VoIP (Voice over IP) infrastructures worldwide are targeted by a growing number of cyber attacks.

A new wave of attacks against Voice over IP (VoIP) systems is targeting UK businesses, security experts believe that a surge was advantaged by the greater availability of hacking tools in the criminal underground.

The security firm Nettitude revealed that the VoIP systems are being hit particularly hard, during the first quarter of 2015 the researchers have observed a large amount of VoIP attacks worldwide mainly against UK servers. The experts noticed that cyber attacks against VoIP system often started just a few minutes after a new server went live. It’s interesting to note that almost every VOIP attack (88%) took place outside of regular working hours, in this way criminals avoid control operated by the internal personnel.

“During the first quarter of 2015, our security researchers have observed a large amount of VoIP attacks worldwide; however, the majority were against UK servers. Our researchers found that VoIP attacks often started just a few minutes after a new server went live. Worryingly, they also identified that 88 percent of VoIP attacks took place outside of regular working hours, when there would typically be no security staff present to monitor the situation.”states a new study by Nettitude.

The study provided useful information about tools and techniques used by the threat actors that are targeting VoIP systems.

voip hacking 2

The experts at Nettitude provided a detailed analysis of the hacking tool known as SIPVicious, initially designed for the auditing of SIP systems, but that is abused by crooks to run brute-force password cracking attacks against VOIP systems.

The Voice over IP Security Alliance (VOIPSA) identified the following categories of threats:

  • Social Threats: Social threats can be interpreted as the misrepresentation of identity, authority, rights and content. Eavesdropping: In this threat category, malicious users are able to monitor VoIP communications between two or more VoIP end points.
  • Interception and Modification: This category refers to threats where a malicious user may have full access to the communication signal between two or more parties.
  • Service Abuse: This category is one of the most common amongst attackers. Premium Rate Service (PRS) fraud is becoming more and more prevalent.
  • Intentional Interruption of Service: VoIP services are subject to denial of service (DoS) attack and resource exhaustion. 
  • Other Interruptions of Service: This category of threat relates to physical threats such as loss of power

The experts observed an impressive amount of failed password attempts on VOIP systems it monitors.

“The large number of failed attempts to log into the system, register and make calls affected the performance of the system. Such behaviour could cause denial of service, making the services unavailable for legitimate users,” states Nettitude.

The experts noticed that most of the attacks seem to originate from France, but offensives from Chinese IPs were the most dangerous.

Enjoy the report!

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – VOIP, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]