Check Point: Hackers Exploiting Asterisk VoIP, Sangoma PBX Globally

  • Written by Edward Gately
  • November 5, 2020
The hackers have targeted nearly 1,200 organizations globally over the past 12 months.

Hackers have targeted Asterisk VoIP and Sangoma, the company that manages it, in a global campaign that exploits a system vulnerability.

That’s according to new research by Check Point Software Technologies. Most of the hackers are in Gaza and the West Bank.

Asterisk VoIP is the world’s most popular VoIP phone system for businesses. Many Fortune 500 companies use it for their national and international telecommunications.

The attack exploits a critical vulnerability in Sangoma PBX. It grants the attacker administrator access to the system and gives them control over its functions.

The group’s main purpose is to sell targeted organizations’ phone numbers, call plans and live access to compromised VoIP services to the highest bidders. They can then exploit those services for their own purposes.

Impact on Organizations

Adi Ikan is Check Point's head of network cybersecurity research.

“By manipulating the VoIP system to conduct outgoing calls, organizations were exposed to pay extraordinary charges on their telephone expenses,” he said. “In addition, attackers can leverage this attack, creating further damage like shutting down VoIP services, and for utilizing system resources for purposes like cryptomining.”

A common practice associated with these attacks is known as international revenue share fraud (IRSF). Attackers can inflate traffic by calling the premium-rate numbers they own from the hacked VoIP phone system. The more traffic hits these premium-rate numbers, the more revenue their owners receive. This motivates attackers to look for ways to boost and inflate traffic volume in any way possible.

Although the attackers don’t target specific industries, they continuously scan for and attack SIP servers that have the vulnerability.

The malicious hackers have targeted nearly 1,200 organizations globally over the past year. That includes 93 enterprises in the United States, 631 in Great Britain, 255 in the Netherlands, 171 in Belgium and 57 in Colombia. The hackers also have targeted enterprises in Germany, France, India, Italy, Canada, Australia and other countries.

“There are still attacks related to this campaign in the wild,” Ikan said. “And there is a significant increase in the past few months.”

Bad Actors Increasingly Focus on VoIP

This campaign is part of a global series of related attacks, and is a “very good example” of the wide phenomenon in which many hackers focus on exploiting VoIP servers for monetization, Ikan said.

“There are many groups on social media in which hackers share technical information on how to conduct such attacks, and advertise their services related to that,” he said.

Losses from global telecoms fraud exceeded $28 billion last year, according to the Communications Fraud Control Association (CFCA). VoIP PBX hacking is one of the top five fraud methods.

Organizations should ensure their VoIP systems are fully patched with the latest updates, Ikan said. Furthermore, they need to monitor their VoIP activity within their network.

“In addition, security products such as intrusion protection system (IPS) provide protections against such threats,” he said.
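
One way to act on the monitoring advice above, as an added example that is not part of the original article or of Check Point's research: a check over Asterisk call detail records that flags an extension placing a burst of answered international calls, the traffic pattern IRSF depends on. It assumes the default `cdr_csv` column order; the dialing prefixes, thresholds, the `_cdr` helper and every sample number are constructed for illustration.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Column order of Asterisk's default cdr_csv Master.csv (no header row).
FIELDS = ("accountcode src dst dcontext clid channel dstchannel lastapp "
          "lastdata start answer end duration billsec disposition amaflags "
          "uniqueid userfield").split()
INTL_PREFIXES = ("00", "011", "+")  # assumption: how this PBX dials abroad

def find_irsf_bursts(cdr_text, max_calls=3, window=timedelta(minutes=10)):
    """Map src -> (peak answered intl calls in one window, total billsec)."""
    calls = defaultdict(list)
    for row in csv.reader(io.StringIO(cdr_text)):
        if len(row) < 15:
            continue  # malformed: need every field through disposition
        rec = dict(zip(FIELDS, row))
        if rec["disposition"] != "ANSWERED" or not rec["dst"].startswith(INTL_PREFIXES):
            continue
        try:
            start = datetime.strptime(rec["start"], "%Y-%m-%d %H:%M:%S")
            calls[rec["src"]].append((start, int(rec["billsec"])))
        except ValueError:
            continue  # unparseable timestamp or duration
    alerts = {}
    for src, items in calls.items():
        items.sort()
        peak = lo = 0
        for hi, (ts, _) in enumerate(items):
            while ts - items[lo][0] > window:  # slide left edge forward
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak > max_calls:
            alerts[src] = (peak, sum(sec for _, sec in items))
    return alerts

def _cdr(src, dst, start, billsec, disp="ANSWERED"):
    vals = ["", src, dst, "from-internal", src, f"PJSIP/{src}-1", "PJSIP/trunk-2",
            "Dial", "", start, start, start, billsec, billsec, disp,
            "DOCUMENTATION", "0.0", ""]
    return ",".join(f'"{v}"' for v in vals)

# Constructed sample (not real traffic): ext 204 places five answered calls abroad at 03:00.
SAMPLE_CDR = "\n".join(
    [_cdr("204", f"009990000000{i}", f"2020-11-01 03:0{i}:00", 300) for i in range(5)]
    + [_cdr("101", "0099900000099", "2020-11-01 10:05:00", 45),
       _cdr("204", "0099900000077", "2020-11-01 03:06:00", 0, "NO ANSWER")])
print(find_irsf_bursts(SAMPLE_CDR))
```

Tune `max_calls` and `window` against a baseline of the organization's normal international calling before alerting on the result.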

One comment

  1. Mike Schilleman, November 16, 2020 @ 2:05 pm

    This is an old FreePBX vulnerability from November 2019. This bug was addressed & solved almost a year ago.

    Statement from Matt Fredrickson, Director of Open Source Engineering at Sangoma:
    https://twitter.com/creslin287/status/1324434505847967744

    Forums post from Lorne Gaetz, Director of Open Source at Sangoma:
    https://community.freepbx.org/t/old-freepbx-vulnerability-from-november-2019/71288?utm_source=twitter&utm_medium=social

    You might want to remove this article, because it is very misleading. Thanks!
