TrackSomebody.com

october27thgroup.com pentesting, pci, red team

illmob.org

Weak Passwords on Extensions = Hacked SIP/PBX

March 27th, 2009 by admin in Linux, News

An unknown organization is systematically checking for open SIP ports and then trying common extension usernames and passwords. If they find weak passwords, they are then into the PBX and can make thousands of calls in a matter of minutes. Protect yourself. Some were Asterisk and some were SIP-based VoIP PBX. Itappears that the hack has nothing to do with any sort of Asterisk vulnerability, but with insecure passwords set for extensions.

Src: junctionnetworks.com

Leave a reply