Researchers at Checkpoint Security have discovered a hacking campaign that is compromising VoIP (Voice over Internet Protocol) systems made by Sangoma and Asterisk. Throughout the past year, nearly 1,200 companies around the world have been targeted in this attack. By exploiting the vulnerability CVE-2019-19006, attackers are able to gain remote access to systems without any form of authentication. Once the vulnerability is exploited, attackers have access to the VoIP systems and can control their functions. In many cases, attackers use these systems to call premium phone numbers that they have set up, earning money for every minute a call lasts. Because these systems already place a large volume of calls, many of the fraudulent calls go undetected, making it harder for organizations to identify a compromise. In other cases, the access is sold to the highest bidder. The buyer could use it for other cyber-attacks such as eavesdropping for extortion or crypto-mining, and in some cases as a gateway to the rest of the network.