Contact
Contact

1 min read

CDRThief New VoIP Linux Malware – Can Credit Card Skimmers be Far Behind?

Featured Image

Many organizations have either undergone or are planning migrations or acceleration of call centers, remote working, and online presence exploiting technologies like VoIP. Criminals are increasingly taking an interest in these channels. An interesting discovery by ESET, Linux based malware targeting soft-switches produced by China based Linknat. Two models are affected the VOS2009 and VOS3000.

This malware steals call detail recording (CDR) metadata from the systems internal MySQL database. At this time it’s believed that the goal of this malware is International Revenue Share Fraud (IRSF).

While this isn’t a VoIP Credit Card Skimmer, it demonstrates that there are skilled bad actors actively exploiting telephony technologies. This development shows why it is important to review all information channels and ensure that they are both secure and compliant.

Learn More

This Week's [in]Security - Issue 271

Welcome to This Week’s [in]Security. Non-Compliance Lesson, DSSv4 related, Skimmers, Other Payments. New breaches: 7 breachers per capita, Shields &...

Read More

Non-Compliance Lesson No. 4: Keep your head in the cloud when adopting new technologies

PCI DSS can be hard and not preparing for it just makes things harder. Following this advice is guaranteed to make it both more exciting and painful.

Read More

“Follina” – Critical Zero-Day Exploit for Microsoft Products

Background

Over the past holiday weekend, a tweet from Tokyo-based security researcher “nao_sec” first identified an interesting upload to antivirus...

Read More