back to article DDoS crooks: Do you want us to blitz those phone lines too?

Cybercrooks are now offering to launch cyberattacks against telecom services, with prices starting at just $20 a day. Distributed denial of attacks against websites or web services have been going on for many years. Attacks that swamped telecoms services are a much more recent innovation, first starting around 2010. While DDoS …

COMMENTS

This topic is closed for new posts.
  1. bitmap animal

    Not new at all

    "Attacks that swamped telecoms services are a much more recent innovation, first starting around 2010"

    That is absolute rubbish. I am very aware of an incident over 20 years ago where a business that relied on incoming calls was hit very hard by miscreants constantly calling their number meaning customers couldn't get through.

    Because of the type of business they were in, customers very quickly moved to a new company and they didn't build back up the customer base they lost in those few days.

    It's a very nasty way of hitting the competition. Should be easier to block / trace these days though.

    1. Anonymous Coward
      Anonymous Coward

      Re: Not new at all

      Reminds me of the anon attack on fleshlight

    2. Elmer Phud

      Re: Not new at all

      Was that the old 'mini-cab' trick?

      You ring the number and don't clear down -- then do it again and again until all the lines are 'in use'

      Payphones were popular for this.

      Eventually you might get 'unobtainable' but still the lines were unusable.

      Easy enough to do on an ancient sound card with built in answer machine capabilities via fax modem chip.

      (did it to ramp up 'on call' logs to show manager how bloody easy it was)

      1. bitmap animal

        Re: Not new at all

        Yes, minicabs was the situation I first heard about it. Some calls were thought to be done from phreaked phones abroad ISTR. It also cropped up in another commercial environment a few years later but didn't have the impact it had on small companies that rely in instant calls for their business.

  2. ByeLaw101
    Devil

    Mind you...

    After getting hammered with Sales calls from a certain double glazing company, $20 is cheap to have my revenge!

    1. Oninoshiko
      Thumb Up

      Re: Mind you...

      Hear hear!

      I'd pay twice that to get rid of "Rachel from Card Services"

  3. Pete Wood
    Devil

    The PPI insurance claim scam vultures appear to be doing it to my personal phone line for free!

  4. Anonymous Coward
    Anonymous Coward

    Default passwords

    Any PBX owner using default password DESERVES to be owned.

    Cripes, you'll be telling me Nortel Meridian owners have 0000 as their Admin password next.

  5. Anonymous Coward
    Anonymous Coward

    If these DDOS crooks are offering to do it for pay it should be easy to track who the money is going too, there is no anonymous electronic payments anymore. The US gov took care of that by closing down the likes of E-gold.com a few years ago, seizing all the money in the accounts and then making the account holders prove the money was genuinly obtained rather than them prove it wasn't.

    1. HamsterNet
      Thumb Down

      AND

      So what the police can trace the money from one account to another account - whoptyf-ingdo!

      Can you or the cops tie that paid account to the attack or the attacker? Doubt it as your trace of who is spamming your phone line will bring up a couple of dozen innocent (if IT incompetent) companies with PBX servers and that is as far as any investigation will go... If the police really bothered (which they don't) they would trace who is sending commands to the PBX and just find TOR nodes...

      1. Anonymous Coward
        Anonymous Coward

        Re: AND

        I think the phrase here may be "behind seven proxies" :D

  6. Gareth 16
    Meh

    I was a VOIP Support Analyst up until recently, very easy to cripple some IPPBXs especially if you are mental enough to persist with a shaky protocol like SIP over ADSL.

    I done a lot of work with Swyx and 3CX, most common attack i've seen is a 3rd party SIP client trying to authenticate, failing then trying over and over again so its just a DoS attack in disguise. Works though, eventually it prevents the system from registering new calls as its too busy dealing with auth requests.

    1. garetht t

      Register DoS

      At that point a border controller should be saying "erm... 10 failed registrations in a minute? Ok, you're getting blocked for an hour."

  7. Anonymous Coward
    Anonymous Coward

    Strange usage of "cost-conscious"!

    some of which offer to flood telephones (both mobile and fixed line) for $20 per day. The more cost-conscious would-be crooks can shop around for a service that offers to blitz lines for $5 an hour$120 a day.

    FTFY :)

    1. Arthur 1

      Re: Strange usage of "cost-conscious"!

      Beat me to it, but I'm actually glad I wasn't the only one noticing that.

      Unless there's some situation where you only need an hour for some reason, this doesn't really make a lot of sense.

This topic is closed for new posts.

Other stories you might like