I used 3CX soft phone version 1.1.5 running on iPhone 5 on Fido's LTE network to make some phone calls before the account is comprised yesterday evening..
of course, I reset passwords in unlimited portal afterwards. Roger On 2013-01-21, at 3:54 PM, Mike - QTI <[email protected]> wrote: > Stephan, Very good points! > > Also you should reverse search your IP in http://www.shodanhq.com/ . I had > a user who did not change the admin password on their ATA and it was > exposed to the internet. So hackers just went to the ATA web maint page, > used the default credentials and then scrape the account information. Then > used the account to call cell phones in Moscow. Found his IP and device in > the Shodan Database. > > Mike > > On Mon, Jan 21, 2013 at 3:36 PM, Stéphan Monette > <[email protected]>wrote: > >> Roger, >> >> Just to make sure I didn't left my list of userids and passwords in some >> file with Google or somewhere else, I would first login into the web portal >> and reset my SIP and IAX passwords. >> >> I've seen a lot of people with their Hotmail, Gmail, Yahoo Mail accounts >> hacked without them knowing about it. Sometimes; the hackers are getting >> the userids and passwords from the saved emails you have left in your Gmail >> or other free email services! They usually look for bank account data, but >> they would sell any good information to anyone willing to pay for it >> including SIP accounts info! >> >> In the past when I was working on the Unlimitel systems, we made sure the >> username and passwords could not be guessed. We even stopped sending >> passwords by email! And we would still see users having their passwords >> stolen because they shared a Google drive (docs back then) with someone >> else who got their google account hacked!!!! >> >> After Primus took over, they even went an extra step by blocking any IP >> that would fail to register a SIP account to stop hackers from guessing >> Unlimitel SIP passwords. >> >> The web portal is designed so that your browser do not cache any infos! >> The passwords are not even listed in TEXT on the web portal to make sure >> customers with some sort of virus or malware could spy on your data! So if >> the hackers were able to make calls using your SIP credentials, this means >> they had the right data on hand and never got blocked because they never >> failed the SIP authentication. >> >> So I would suggest to reset your passwords (using the web portal) and do >> not save your passwords list anywhere on your computer or cloud storage >> services. >> >> That should stop them. If not, use a different tools or softphone! >> >> >> > >> On 2013-01-21, at 3:20 PM, Mark Brown <[email protected]> wrote: >> >>> Roger, >>> >>> Is there a chance the phone was compromised? >>> >>> You didn't say what phone or app you were using. >>> >>> Android phones seem to have a swiss cheese security model, and many apps >> are not always as they seem..... >>> I'm not sure the iPhones are much better. >>> I've automatically discounted Windows phones.... :-) >>> >>> I have a remote ATA with Unlimitel, and I haven't had such a problem.... >> yet. >>> >>> /M >>> >>> On 1/21/2013 9:33 AM, Yajie wrote: >>>> this has been pain in the ass. as soon as I make some international >> calls >>>> for several days, my account will be hacked, hacker made a lot of calls >> to >>>> high rate country in no time and my account will be blocked by >> Unlimitel. >>>> this happened at least 5 times in last two years. my friend has same >> issue >>>> too. interestingly, i didn't use asterisk to make calls recently, but a >>>> SIP softphone on my cell phone. so there is no way hacker can hack >> into my >>>> asterisk. I know unlimtel has much restrict password rule than any other >>>> ITSP i used. but only unlimitel got hacked every time . Do you guys know >>>> why? or i really should abandon Unlimitel's ship? Thanks! >>>> >>>> >>>> Roger >>>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [email protected] >>> For additional commands, e-mail: [email protected] >>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> > > > -- > Mike Ashton > CTO > Quality Track International > > Phone: +1 647.724.3500 x251 > Cell: +1 416.527.4995 --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
