DDoS attacks aimed at telecom systems are on the rise
Posted on 01 August 2012.
DDoS attacks are usually seen as the domain of hacktivists and hackers looking to block - then blackmail - companies that are heavily dependent on their Internet presence.

But, with the rise of botnets for sale, the nature of the attackers ha changed and the options have widened. No longer are just servers and email accounts in danger of getting flooded, but mobile and stationary telephone lines as well.

These so-called Telecommunications Denial of Service (TDoS) attacks are often used by cyber crooks that have managed to access users' bank accounts and plan to perform transactions that, if noticed by the bank or the client, can be easily blocked or reversed before the money mules manage to extract the stolen money.

Big money transfers detected as unusual often mean that the bank will be calling or emailing the owner of the bank account in order to confirm the validity of the transaction or just to warn the client about it.

But, if his or hers inbox is flooded with tens of thousands of spam messages, it will be difficult to notice the warning coming from the bank.

Likewise, if the bank's phone call cannot go through to the client because his mobile phone and other phones are bombarded with bogus calls and text messages, hours or even days can pass until they manage to contact the client and, in the meantime, the crooks have run away with the transferred money.

The cyber crooks behind the scheme might not themselves have the capability of performing large enough DDoS or TDoS attacks but, luckily for them, other cyber criminals have and offer their services for reasonable amounts of money.

"Recently, Arbor SERT came across a few advertisements for traditional DDoS services that also included phone attack services starting at $20 per day," reports Curt Wilson, research analyst at Arbor Networks. "Another DDoS provider has advertised this at $30 per hour, and a third provider also advertising such attacks charges $5 per hour, $20 for 10 hours, and $40 per day."

SIP (Session Initiation Protocol) systems - whether devices or servers - are also often attacked.

"Once the attackers obtain credentials into a VoIP or other PBX system, that system can become a pawn in their money-making scheme to perform DoS, Vishing, or other types of attacks," Wilson explains. "Default credentials are one of the security weaknesses that the attackers leverage to gain access to the VoIP/PBX systems, so organizations should ensure that their telecommunications systems credentials are strong enough to resist brute force attack, and that the ability to reach the telephone system is limited as much as possible in order to reduce the attack surface and convince the attacker to move on to the next victim."

In any case, if you or your company are being flooded with thousands of calls or emails and there is no obvious reason for it, it's always a good idea to find another phone line and ask the bank to keep an eye out for suspicious transactions.






Spotlight

Most popular Android apps open users to MITM attacks

Posted on 21 August 2014.  |  An analysis of the 1,000 most popular free Android apps from the Google Play store has revealed a depressing fact: most of them sport an SSL/TLS vulnerability that can be misused for executing MITM attacks, and occasionally additional ones, as well.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Aug 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //