Maybe you had this account for a very long time and the hacker had your data 
from years ago?

Did you reset your SIP passwords each time you got hacked in the past?

On 2013-01-21, at 4:29 PM, Roger Si <[email protected]> wrote:

> 
> The account was blocked by Unlimitel yesterday after it was hacked (which 
> was good, by the way).
> 
> I didn't ask them to unblock it, so I don't know if the account is still 
> hacked. 
> 
> To Stephan's point, I probably should reset the portal password as well.
> 
> 
> But my question is, why always Unlimitel? I am using other ITSPs; they 
> haven't had a problem for the last 2-3 years.
> 
> 
> Roger
> 
> 
> On 2013-01-21, at 4:24 PM, Stéphan Monette <[email protected]> wrote:
> 
>> Was your account still hacked after resetting your passwords?
>> 
>> On 2013-01-21, at 4:22 PM, Roger Si <[email protected]> wrote:
>> 
>>> 
>>> I used 3CX soft phone version 1.1.5 running on iPhone 5 on Fido's LTE 
>>> network to make some phone calls before the account was compromised 
>>> yesterday evening.
>>> 
>>> Of course, I reset passwords in the Unlimitel portal afterwards.
>>> 
>>> 
>>> Roger
>>> 
>>> 
>>> 
>>> On 2013-01-21, at 3:54 PM, Mike - QTI <[email protected]> wrote:
>>> 
>>>> Stephan, Very good points!
>>>> 
>>>> Also you should reverse search your IP in http://www.shodanhq.com/ . I had
>>>> a user who did not change the admin password on their ATA and it was
>>>> exposed to the internet. So hackers just went to the ATA web maint page,
>>>> used the default credentials and then scraped the account information. Then
>>>> used the account to call cell phones in Moscow. Found his IP and device in
>>>> the Shodan Database.
>>>> 
>>>> Mike
>>>> 
>>>> On Mon, Jan 21, 2013 at 3:36 PM, Stéphan Monette <[email protected]> wrote:
>>>> 
>>>>> Roger,
>>>>> 
>>>>> Just to make sure I didn't leave my list of userids and passwords in some
>>>>> file with Google or somewhere else, I would first login into the web
>>>>> portal and reset my SIP and IAX passwords.
>>>>> 
>>>>> I've seen a lot of people with their Hotmail, Gmail, Yahoo Mail accounts
>>>>> hacked without them knowing about it. Sometimes, the hackers are getting
>>>>> the userids and passwords from the saved emails you have left in your
>>>>> Gmail or other free email services! They usually look for bank account
>>>>> data, but they would sell any good information to anyone willing to pay
>>>>> for it including SIP accounts info!
>>>>> 
>>>>> In the past when I was working on the Unlimitel systems, we made sure the
>>>>> username and passwords could not be guessed. We even stopped sending
>>>>> passwords by email! And we would still see users having their passwords
>>>>> stolen because they shared a Google drive (docs back then) with someone
>>>>> else who got their google account hacked!!!!
>>>>> 
>>>>> After Primus took over, they even went an extra step by blocking any IP
>>>>> that would fail to register a SIP account to stop hackers from guessing
>>>>> Unlimitel SIP passwords.
>>>>> 
>>>>> The web portal is designed so that your browser does not cache any info!
>>>>> The passwords are not even listed in TEXT on the web portal to make sure
>>>>> customers with some sort of virus or malware could spy on your data! So if
>>>>> the hackers were able to make calls using your SIP credentials, this means
>>>>> they had the right data on hand and never got blocked because they never
>>>>> failed the SIP authentication.
>>>>> 
>>>>> So I would suggest to reset your passwords (using the web portal) and do
>>>>> not save your passwords list anywhere on your computer or cloud storage
>>>>> services.
>>>>> 
>>>>> That should stop them. If not, use a different tool or softphone!
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> On 2013-01-21, at 3:20 PM, Mark Brown <[email protected]> wrote:
>>>>> 
>>>>>> Roger,
>>>>>> 
>>>>>> Is there a chance the phone was compromised?
>>>>>> 
>>>>>> You didn't say what phone or app you were using.
>>>>>> 
>>>>>> Android phones seem to have a swiss cheese security model, and many apps
>>>>>> are not always as they seem.....
>>>>>> I'm not sure the iPhones are much better.
>>>>>> I've automatically discounted Windows phones.... :-)
>>>>>> 
>>>>>> I have a remote ATA with Unlimitel, and I haven't had such a problem....
>>>>>> yet.
>>>>>> 
>>>>>> /M
>>>>>> 
>>>>>> On 1/21/2013 9:33 AM, Yajie wrote:
>>>>>>> This has been a pain in the ass. As soon as I make some international
>>>>>>> calls for several days, my account will be hacked; the hacker made a lot
>>>>>>> of calls to a high-rate country in no time and my account will be blocked
>>>>>>> by Unlimitel. This happened at least 5 times in the last two years. My
>>>>>>> friend has the same issue too. Interestingly, I didn't use Asterisk to
>>>>>>> make calls recently, but a SIP softphone on my cell phone, so there is no
>>>>>>> way a hacker can hack into my Asterisk. I know Unlimitel has much stricter
>>>>>>> password rules than any other ITSP I used, but only Unlimitel got hacked
>>>>>>> every time. Do you guys know why? Or should I really abandon Unlimitel's
>>>>>>> ship? Thanks!
>>>>>>> 
>>>>>>> 
>>>>>>> Roger
>>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: [email protected]
>>>>>> For additional commands, e-mail: [email protected]
>>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>> 
>>>> 
>>>> -- 
>>>> Mike Ashton
>>>> CTO
>>>> Quality Track International
>>>> 
>>>> Phone: +1 647.724.3500 x251
>>>> Cell:     +1 416.527.4995
>>> 
>>> 
>>> 
>> 
> 
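
The point raised in the thread, that blocking IPs on failed SIP registrations does not stop someone who already holds valid credentials, shown as an added example (not part of any message above and not Unlimitel's code). The event layout, account names, the `0117` prefix table and the thresholds are assumptions; the events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed events, not real logs: (time, kind, account, source IP, detail).
# "register" detail is ok/fail; "call" detail is the dialed number.
EVENTS = [
    ("2013-01-20 18:00:05", "register", "acct100", "198.51.100.7", "fail"),
    ("2013-01-20 18:00:06", "register", "acct100", "198.51.100.7", "fail"),
    ("2013-01-20 18:00:07", "register", "acct100", "198.51.100.7", "fail"),
    ("2013-01-20 19:10:00", "register", "acct200", "192.0.2.10", "ok"),
    ("2013-01-20 19:12:00", "call", "acct200", "192.0.2.10", "0118613800000000"),
    ("2013-01-20 21:00:00", "register", "acct200", "203.0.113.50", "ok"),
    ("2013-01-20 21:00:30", "call", "acct200", "203.0.113.50", "01174950000001"),
    ("2013-01-20 21:00:50", "call", "acct200", "203.0.113.50", "01174950000002"),
    ("2013-01-20 21:01:10", "call", "acct200", "203.0.113.50", "01174950000003"),
    ("2013-01-20 21:01:30", "call", "acct200", "203.0.113.50", "01174950000004"),
]
# Assumed rate table: dial prefixes the operator treats as high-cost.
HIGH_RATE_PREFIXES = ("0117",)

def failed_register_blocklist(events, threshold=3):
    """IPs a failure-based blocker would ban: >= threshold failed REGISTERs."""
    fails = defaultdict(int)
    for _, kind, _, ip, detail in events:
        if kind == "register" and detail == "fail":
            fails[ip] += 1
    return {ip for ip, count in fails.items() if count >= threshold}

def toll_fraud_alerts(events, max_calls=3, window=timedelta(minutes=10)):
    """(account, ip) pairs where an account exceeds max_calls high-rate calls in window."""
    recent, alerts = defaultdict(deque), set()
    for ts, kind, acct, ip, detail in sorted(events):
        if kind != "call" or not detail.startswith(HIGH_RATE_PREFIXES):
            continue
        now = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        calls = recent[acct]          # sliding window per account, across IPs
        calls.append(now)
        while now - calls[0] > window:
            calls.popleft()
        if len(calls) > max_calls:
            alerts.add((acct, ip))    # report the IP that crossed the limit
    return alerts

if __name__ == "__main__":
    print("banned by failed-register rule:", failed_register_blocklist(EVENTS))
    print("call-velocity alerts:", toll_fraud_alerts(EVENTS))
```

The password-guessing IP is banned, while the IP that registered successfully with stolen credentials is caught only by the call-velocity check.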

