FBI Warns Of New 'Vishing' Attacks On VoIP Service
The FBI has identified a new technique used to conduct so-called "vishing" attacks where hackers exploit a known security vulnerability in Asterisk software, the agency said Tuesday in a press release. Asterisk is free and widely used software developed to integrate Private Branch Exchange (PBX) systems with voice-over-Internet protocol communications services. The vulnerability can be exploited by cyber criminals to use the system as an auto dialer, generating thousands of vishing telephone calls to consumers within one hour, officials said.
Digium, the original creator and primary developer of Asterisk, released a security advisory in March 2008, which contained the information necessary for users to configure a system, patch the software, or upgrade the software to protect against the threat. If users fall victim to this exploit, their personally identifiable information will be compromised, the FBI said. To prevent further loss of consumers’ data and to reduce the spread of this new technique, businesses using Asterisk must upgrade their software to a version that cannot be compromised, officials said.
Categories:
Privacy
Join the Discussion
The National Journal Group has the right (but not the obligation) to monitor the comments and to remove any materials it deems inappropriate.
Comments powered by Disqus