Widespread VoIP hack is costing businesses thousands of dollars
Security researchers at Check Point have discovered a huge cyber-fraud operation targeting VoIP phone systems worldwide. Hackers based in Gaza, the West Bank and Egypt are targeting servers used by more than 1,200 organizations based across over 60 countries. According to researchers, more than half of the targets are located in the UK.
Hackers have managed to exploit vulnerabilities found within two popular VoIP systems: Sangoma and Asterisk. Once they infiltrate the system, they generate huge sums of money by forcing systems to call premium numbers that they own or by selling auto-generated calls.
In addition, it appears that the hackers have created a community across various social networks to share resources and advice regarding vulnerable systems. They have also been known to sell live access to compromised VoIP platforms, creating another route to monetization.
Wrong number
“This cyber fraud operation is a quick way to make large sums of money,” said Derek Middlemiss, Security Evangelist for the EMEA region at Check Point.
“More broadly, we’re seeing a widespread phenomenon of hackers using social media to scale the hacking and monetization of VoIP systems this year. Hackers are creating dedicated social media groups to share insights, technical know-how and advertise their conquests. This is how these hackers from Gaza, West Bank and Egypt were able to organize themselves to scale a global cyber fraud operation. I expect this phenomenon to continue into 2021.”
Aside from the UK, the other top targets for the hackers were the Netherlands, Belgium, the USA and Colombia. In total, Check Point has documented more than 10,000 VoIP attacks since the start of 2020.
Businesses that use VoIP communications are advised to make sure that their systems have the latest security patches installed, regularly analyze their call billings, maintain a robust password policy and implement an intrusion prevention system.