"A million bucks in stolen calls"...Details
Tyler Durden
camera_lumina at hotmail.com
Fri Jun 9 11:15:09 PDT 2006
Here's some more details.
So...does this amount to trespassing or merely arresting two guys for
running traffic you don't like?
This also implies that CALEA probably isn't even necessary in a lot of
cases. NSA can probably surreptitiously copy and route traffic to themselves
through intermediate networks.
Come to think of it, this may imply that something like CALEA is far easier
in the packet world than it was in the circuit switched world.
One implication is that VoIP can't really be secure unless we can hide the
routing and not just the pakcet contents, but of course this isn't a new
problem as recent events a la NSAT&T prove.
Anyway...
Two Charged in VOIP Hacking Scandal
JUNE 9, 2006 | Federal authorities pressed charges Thursday against a second
man who helped perpetrate a VOIP wholesale scheme that defrauded at least 15
VOIP service providers.
Robert Moore of Spokane, Wash., also known as the "Spokane Hacker," was
served papers Thursday but had not yet been taken into custody, according
U.S. Attorney's Office spokesman Michael Drewniak.
On Wednesday, the U.S. Attorney's Office in New Jersey had filed charges
against Edwin Andres Pena, who they say set up the allegedly fraudulent
wholesale business -- called Fortes Telecom Inc. -- in 2004. (See 'Free'
Skype Could Be Costly.)
After charging his service provider customers cheap rates to route their
calls, Pena's company secretly routed the calls over the IP networks of at
least 15 VOIP providers, according to court documents.
This was done using a two-step process.
Step One. The men obscured the origin of the calls by sending them through
an "intermediary." The feds believe Pena, with help from Moore, scanned the
networks of companies all over the world looking for network ports to use
for routing calls. The New Jersey U.S. Attorney's Office said it obtained
records from AT&T Inc. (NYSE: T - message board) showing that, between June
and October of last year, Moore ran more than 6 million scans for those
susceptible ports.
The two eventually decided on routing calls through a router owned by an
unnamed New Jersey-based hedge fund company. (See Ingate Secures VOIP.)
Step Two. With a "blind" established, Pena then needed to gain admittance
for his customers' calls to be routed onto the networks of other VOIP
providers.
VOIP providers tag their own calls with a unique identifier or "prefix" so
they can be admitted to the network. Pena allegedly bombarded the VOIP
providers' networks with test calls -- each carrying a different prefix --
until he found one that was admitted to the network. He then tagged all his
fraudelent calls with the winning prefix.
Having penetrated the networks of VOIP telephone service providers, Pena
programmed the third party's computer networks to use the illegally obtained
proprietary prefix to route calls of customers of his companies, federal
authorities say.
The Pena case will certainly revive the issue of security among VOIP
providers. Many in the VOIP community are all too aware of the security
perils of running calls over the Internet. "This hacker's approach is
certainly not a surprise to those in the Internet community who follow these
types of issues," says Brian Lustig, spokesman for VOIP provider SunRocket
Inc. . "It is just another variation of fraud that can be perpetrated."
So what does the VOIP community intend to do to protect itself from hacking?
"The industry as a whole -- including Sun Rocket -- is already hard at work
on standards and security measures that can prevent this type of activity,"
Lustig says.
Pena was taken into custody today and was scheduled to appear in court
Thursday. Moore will appear in court soon, Drewniak said.
Mark Sullivan, Reporter, Light Reading
More information about the cypherpunks-legacy
mailing list