Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Cheap Attacker DDoS-for-Hire Schemes Target Phone Systems

Ask about distributed denial-of-service attacks (DDoS), and many people will envision a website being non-responsive. However, according to researchers at Arbor Networks, cybercriminals are also advertising to launch DDoS attacks against a less likely target – your telephone.

Ask about distributed denial-of-service attacks (DDoS), and many people will envision a website being non-responsive. However, according to researchers at Arbor Networks, cybercriminals are also advertising to launch DDoS attacks against a less likely target – your telephone.

“DDoS affects many types of systems,” blogged Curt Wilson of Arbor Networks. “Some have used the term TDoS to refer to DDoS or DoS attacks on telecommunications systems (Telecommunications Denial of Service)….Typical motives can be anything from revenge, extortion, political/ideological, and distraction from a larger set of financial crimes.  Just as we’ve seen the Dirt Jumper bot used to create distractions by launching DDoS attacks upon financial institutions and financial infrastructure at the same time that fraud is taking place (with the Zeus Trojan, or other banking malware or other attack technique), DDoS aimed at telecommunications is being used to create distractions that allows other crimes to go unnoticed for a longer period.”

Often, session initiation protocol (SIP) flooding attacks take place because attackers are running brute-force password guessing scripts that overwhelm the processing capabilities of the SIP device, but pure flooding attacks on SIP servers have occurred as well, he said.

“Once the attackers obtain credentials into a VoIP or other PBX system that system can become a pawn in their money-making scheme to perform DoS, Vishing, or other types of attacks,” explained Wilson. “Default credentials are one of the security weaknesses that the attackers leverage to gain access to the VoIP/PBX systems, so organizations should ensure that their telecommunications systems credentials are strong enough to resist brute force attack, and that the ability to reach the telephone system is limited as much as possible in order to reduce the attack surface and convince the attacker to move on to the next victim.”

The price of the TDoS attacks varies. Just recently, Arbor researchers discovered a handful of advertisements for phone attacks that ranged in price for $20 per day to $30 per hour.

“Any system is subject to availability attacks at any point where an application layer or other processor-intensive operation exists as well as the networks that supple these systems via link saturation and state-table exhaustion,” he said. “Telecommunications systems are no exception to this principle…clearly, there is money to be made in the underground economy or these services would not be advertised.”

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.