Hi, Embarrassed as I am to write this, I am hoping for some advice. One of our very first PBX installs, now six years old, was "taken advantage of" over the past few weeks. A victim of sipvicious, I assume, that managed to guess one of the SIP passwords. 4000 calls to various middle eastern destinations have been placed, which ended up being sent over our customer's PSTN trunk, and of course there was no warning until the bill came today. Unfortunately the bill only covered the first few days of this fiasco, and was only $700. I am afraid the one that is on the way will be tens of thousands. ONE CALL on the bill that just arrived was $200 (80 minutes to Sierra Leone).
I'm sure this started out as a single scan. It must have been posted, because I have at least ten IP addresses now that were placing calls via the same peer. They are from all over the world. So what is the accepted procedure? I'm in the US Virgin Islands, so do I go to the FBI? Police? Is their some telecom fraud body to report such things to? Does any one ever get any relief from such events? I'm basically sick to my stomach right now. j -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users