the account was blocked by unlimitel yesterday after it was hacked (which was good by the way)
i didn't ask them to unblock it. so i don't know if the account is still hacked. to Stephan's point, i probably should reset portal password as well. but, my question is, why always unlimitel? I am using other ITSP, they don't have problem for last 2-3 years. Roger On 2013-01-21, at 4:24 PM, Stéphan Monette <[email protected]> wrote: > Was your account still hacked after resetting your passwords? > > On 2013-01-21, at 4:22 PM, Roger Si <[email protected]> wrote: > >> >> I used 3CX soft phone version 1.1.5 running on iPhone 5 on Fido's LTE >> network to make some phone calls before the account is comprised yesterday >> evening.. >> >> of course, I reset passwords in unlimited portal afterwards. >> >> >> Roger >> >> >> >> On 2013-01-21, at 3:54 PM, Mike - QTI <[email protected]> wrote: >> >>> Stephan, Very good points! >>> >>> Also you should reverse search your IP in http://www.shodanhq.com/ . I had >>> a user who did not change the admin password on their ATA and it was >>> exposed to the internet. So hackers just went to the ATA web maint page, >>> used the default credentials and then scrape the account information. Then >>> used the account to call cell phones in Moscow. Found his IP and device in >>> the Shodan Database. >>> >>> Mike >>> >>> On Mon, Jan 21, 2013 at 3:36 PM, Stéphan Monette >>> <[email protected]>wrote: >>> >>>> Roger, >>>> >>>> Just to make sure I didn't left my list of userids and passwords in some >>>> file with Google or somewhere else, I would first login into the web portal >>>> and reset my SIP and IAX passwords. >>>> >>>> I've seen a lot of people with their Hotmail, Gmail, Yahoo Mail accounts >>>> hacked without them knowing about it. Sometimes; the hackers are getting >>>> the userids and passwords from the saved emails you have left in your Gmail >>>> or other free email services! They usually look for bank account data, but >>>> they would sell any good information to anyone willing to pay for it >>>> including SIP accounts info! >>>> >>>> In the past when I was working on the Unlimitel systems, we made sure the >>>> username and passwords could not be guessed. We even stopped sending >>>> passwords by email! And we would still see users having their passwords >>>> stolen because they shared a Google drive (docs back then) with someone >>>> else who got their google account hacked!!!! >>>> >>>> After Primus took over, they even went an extra step by blocking any IP >>>> that would fail to register a SIP account to stop hackers from guessing >>>> Unlimitel SIP passwords. >>>> >>>> The web portal is designed so that your browser do not cache any infos! >>>> The passwords are not even listed in TEXT on the web portal to make sure >>>> customers with some sort of virus or malware could spy on your data! So if >>>> the hackers were able to make calls using your SIP credentials, this means >>>> they had the right data on hand and never got blocked because they never >>>> failed the SIP authentication. >>>> >>>> So I would suggest to reset your passwords (using the web portal) and do >>>> not save your passwords list anywhere on your computer or cloud storage >>>> services. >>>> >>>> That should stop them. If not, use a different tools or softphone! >>>> >>>> >>>> >>> >>>> On 2013-01-21, at 3:20 PM, Mark Brown <[email protected]> wrote: >>>> >>>>> Roger, >>>>> >>>>> Is there a chance the phone was compromised? >>>>> >>>>> You didn't say what phone or app you were using. >>>>> >>>>> Android phones seem to have a swiss cheese security model, and many apps >>>> are not always as they seem..... >>>>> I'm not sure the iPhones are much better. >>>>> I've automatically discounted Windows phones.... :-) >>>>> >>>>> I have a remote ATA with Unlimitel, and I haven't had such a problem.... >>>> yet. >>>>> >>>>> /M >>>>> >>>>> On 1/21/2013 9:33 AM, Yajie wrote: >>>>>> this has been pain in the ass. as soon as I make some international >>>> calls >>>>>> for several days, my account will be hacked, hacker made a lot of calls >>>> to >>>>>> high rate country in no time and my account will be blocked by >>>> Unlimitel. >>>>>> this happened at least 5 times in last two years. my friend has same >>>> issue >>>>>> too. interestingly, i didn't use asterisk to make calls recently, but a >>>>>> SIP softphone on my cell phone. so there is no way hacker can hack >>>> into my >>>>>> asterisk. I know unlimtel has much restrict password rule than any other >>>>>> ITSP i used. but only unlimitel got hacked every time . Do you guys know >>>>>> why? or i really should abandon Unlimitel's ship? Thanks! >>>>>> >>>>>> >>>>>> Roger >>>>>> >>>>> >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: [email protected] >>>>> For additional commands, e-mail: [email protected] >>>>> >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [email protected] >>>> For additional commands, e-mail: [email protected] >>>> >>>> >>> >>> >>> -- >>> Mike Ashton >>> CTO >>> Quality Track International >>> >>> Phone: +1 647.724.3500 x251 >>> Cell: +1 416.527.4995 >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
