VoIP Hacker Gets Prison: His Boss Gets Away

Written by Adam Gosling

Wednesday, 15 August 2007
The first culprit in a duo of VoIP hackers who defrauded some of America's
largest IP telephony providers of more than a million dollars' worth of call
minutes has been fined US$150,000 and will spend two years
in prison for his effort.
Robert Moore,
the 23-year-old hacker from Spokane, Washington, was the technical mind
behind the duo's crime and became involved after Edwin Pena, the scheme's
mastermind, paid him US$23,000 to hack into the carrier networks.
This was achieved with relatively simple scripts that combined simple dictionary and brute-force
attacks with Google hacking. Pena then established a VoIP
wholesaling business, using the carrier-supplied minutes to route his customers' calls.
VoIP News reported in June last year
that Pena was making so much money he was forced to spend up
large to hide his illegal profits, adding several pieces of real estate, three
luxury cars and a 40-foot motor boat to his portfolio. Federal agents
reportedly confiscated a customized 2004 BMW M3 from the accused.
Moore has pleaded guilty to his role in the crime.
However, the 23-year-old Venezuelan who hired him has fled the country
after posting bail and has not been caught.
According to this report,
Moore claims he wrote generic software to run brute-force attacks
against Cisco XM routers and Quintum Tenor voice gateways. The brute-force
attacks were conducted against service provider networks in order to discover
valid prefixes that would let calls into their networks.
His software would generate 400 prefixes
per second against the carrier gear, scanning randomly so as not to
arouse the suspicions of the gear's intrusion-detection systems. He
restricted his attack to gateways using the H.323 signaling protocol,
rather than SIP gear.
The pair also scanned known corporate IP
addresses for machines that might be vulnerable to their attacks, Moore
says. Pena purchased a 2GB database of corporate IP addresses and their
subnet ranges for US$800, he says.
"The way we got into them is that most of the
telecom administrators were using the most basic password - Cisco,
Cisco or admin, admin. They weren't hardening their boxes at all,"
Moore says in the story.
The two found many devices had exposed SNMP ports
allowing them to probe for information. "There were various object
identifiers in the management
database that would allow you to see critical information on a Cisco
[router], like maybe [the] gateway where it's routing to so we would
know where to choose our target," he says.
Moore said he wrote Google search strings that exposed Web
interfaces on devices. "It was really easy actually to launch these
things
from Google to find these peoples' switches," he said.
Content for the Network World report quoted here came from an interview conducted with the hacker by thevoicereport.com.