Hackers are compromising VoIP phone system for monetization

Hackers are using outgoing calls made by users for generating profit.

Recent reports submitted by security researchers show that hackers are using one of the most complex yet efficient methods for generating profit. The report shows that hackers have exploited VoIP (voice over Internet Protocol) servers of over 1,200 organizations in 60 countries within the past one year.

Hackers target an open-source user interface dubbed Sangoma PBX, which is used for the management and controlling of Asterisk VoIP phone systems, specifically the Session Initiation Protocol (SIP) servers.

Asterisk is a widely used and popular VoIP PBX (private branch exchange) system used by various organizations for telecommunication. PBX is a switching system used to establish and control phone calls between telecommunication endpoints using VoIP servers.

Hackers are exploiting a critical vulnerability that allows them to gain admin access to the system. The campaign begins with scanning, proceeds to exploit the vulnerability, and then culminates into web shell installation.

Gaining admin access to these systems and servers can allow hackers to fulfill their malicious intentions. Hackers have used a PHP web shell to gain control of PBX system that allows them to make phone calls from any connected system.

NPAV recommends users and organizations to always keep a proper check on their cybersecurity measures. Keeping them updated and tested for proper working will ensure security and safety.

Install NPAV on your devices to keep them protected from all kinds of cyberattacks. Use NPAV and join us on a mission to secure the cyber world.

Sharing is caring!

Leave a Reply

Your email address will not be published. Required fields are marked *

*