Your VoIP Phone Could Be Used To Spy On You!
This somewhat frightful claim has been reverberating around the inter-web the past few days. I do agree that YOUR IP phone(s) might be a candidate target for such an exploit. I’m not worried simply because my IP phones don’t suffer the particular vulnerability in question. More on that in a bit.
This claim stems from Paul Moore, a security consultant, hacking a snom 320 IP phone. He found that with the default admin credentials in place he could penetrate the phone, achieving broad control of the device. Then he used that control to do various nefarious things.
For example, he could place calls. Further, he could setup routing to send all calls via a premium service that paid him for every minute of connect time. Thereafter he’d just leave the phone on a long running call without the user ever becoming aware that it was busy. Cha-ching!
The recent blow-up in the UK over the tabloid media accessing people’s cellular voicemail is certainly interesting. Endless media outlets are reporting the crime as “hacking” cell phones or cell phone voice mail. Here are just a few examples:
Apparently Magic Jack has taken some steps to cease delivering service to people who access the service with clients other than bone fide Magic Jack dongles. This happened some time in the past week and has been noted in the