Large-scale targeted attacks are becoming a widespread issue for many US-based companies making no one safe from the possibility of becoming their next victim.

Voice Over Internet Protocol (VoIP) phone systems using the Digium software are just the latest target of an attack campaign

The hackers put code on their servers designed to exfiltrate data via downloading and perform additional tasks for the hackers.  In more technical terms, according to Palo Alto Networks’ security team Unit 42, “[this] malware installs multilayer obfuscated PHP backdoors to the web server’s file system, downloads new payloads for execution, and schedules recurring tasks to re-infect the host system.”

The hack of the Digium VoIP software is not the first of its kind in recent months.  An uptake in unusual activity is said to have begun in mid-December 2021 when bad actors target Asterisk, which is a commonly used software that runs on the open-source Elastix Unified Communications Server.  Unit 42 reports witnessing more than 500,000 unique samples over the period spanning from December 2021 to March 2022.

According to Unit 42, the newest invasion of the Digium software resembles that of a prior attack in November 2020, called the INJ3CTOR3 campaign.  The malware is also used to maintain a backdoor into the system that they can use to steal other information.

The tactic that these hackers have used to infiltrate the Digium software is not a new one and experts do not see it stopping anytime soon.

To be clear, no phone system (or any other system) that we’ve ever seen is inherently secure or immune to attack.   The Asterisk phone system software is very popular, as is its commercial version, Digium.

If your company relies on Digium or Asterisk-based phone systems, there are ways to protect them, and we encourage you to have a full security check completed as soon as possible on your phone system.

Any system that is possibly connected to the internet should regularly be audited for security issues, protected with all possible and appropriate protections, and kept up to date with the latest security patches.

If you need help with your Digium, Asterisk, or any other VoIP phone system or to talk with our security team about conducting a security review of your systems, you can set up a confidential free consult with our security team by calling us today at 225-224-6595.

Related Posts - TKS Blog

TKS Newsletter - 2024 December
Here's our December 2024 Newsletter Read the full PDF version here: The TKS Sentinel - December Issue In this month's edition, we discuss: Ransomware Threats PDF Hijacking ...
Read more
5 New Trends from a Study on the State of AI at Work
5 New Trends of AI At Work
The pace of technological advancement is accelerating. This is not news to anyone wading through the ChatGPT craze. Artificial intelligence (AI) is at the forefront...
Read more
zero trust protections
Zero Trust Cybersecurity: Essential for Keeping Your Data Secure
As cyber threats become increasingly sophisticated, businesses can no longer rely solely on traditional methods to protect their data. Hackers are no longer trying to...
Read more
voice technology options
Harnessing the Power of Voice Technology
Voice technology is quickly becoming one of the most valuable tools for businesses seeking to improve customer interactions, streamline operations, and cut costs. With...
Read more