They used the VM/IVR system for their access. They didn't use disa as one mailer suspected, instead they used a weak password on a message box, and its ability to change its personal operator. The police and FBI are now involved.
From: [email protected] [mailto:[email protected]] On Behalf Of Chris Clymer Sent: Wednesday, February 10, 2010 3:19 PM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Hacked Phone System Did they go all wargames on you and attack from the IVR side, or hit the system over IP on the network? On Feb 10, 2010, at 3:00 PM, Scott Webster wrote: We have two PRI's. The attacker came in thru our VM system, and used changed a VM box's operator extension. Weak passwords were at the root of this problem, and are being addresses now. On Wed, Feb 10, 2010 at 11:12 AM, Raffi Jamgotchian <[email protected]> wrote: what kind of system? IP based or traditional? On Feb 10, 2010, at 12:32 PM, Scott Webster wrote: > Good Morning, > > Does anyone have experience with phone systems getting hacked and being used for international calls? I'm looking for direction on who to contact? > > -- > S. Webster > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com <http://pauldotcom.com/> _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com <http://pauldotcom.com/> -- Scott Webster Technology Consultant _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
