Large-scale targeted attacks are becoming a widespread issue for many US-based companies making no one safe from the possibility of becoming their next victim.

Voice Over Internet Protocol (VoIP) phone systems using the Digium software are just the latest target of an attack campaign

The hackers put code on their servers designed to exfiltrate data via downloading and perform additional tasks for the hackers.  In more technical terms, according to Palo Alto Networks’ security team Unit 42, “[this] malware installs multilayer obfuscated PHP backdoors to the web server’s file system, downloads new payloads for execution, and schedules recurring tasks to re-infect the host system.”

The hack of the Digium VoIP software is not the first of its kind in recent months.  An uptake in unusual activity is said to have begun in mid-December 2021 when bad actors target Asterisk, which is a commonly used software that runs on the open-source Elastix Unified Communications Server.  Unit 42 reports witnessing more than 500,000 unique samples over the period spanning from December 2021 to March 2022.

According to Unit 42, the newest invasion of the Digium software resembles that of a prior attack in November 2020, called the INJ3CTOR3 campaign.  The malware is also used to maintain a backdoor into the system that they can use to steal other information.

The tactic that these hackers have used to infiltrate the Digium software is not a new one and experts do not see it stopping anytime soon.

To be clear, no phone system (or any other system) that we’ve ever seen is inherently secure or immune to attack.   The Asterisk phone system software is very popular, as is its commercial version, Digium.

If your company relies on Digium or Asterisk-based phone systems, there are ways to protect them, and we encourage you to have a full security check completed as soon as possible on your phone system.

Any system that is possibly connected to the internet should regularly be audited for security issues, protected with all possible and appropriate protections, and kept up to date with the latest security patches.

If you need help with your Digium, Asterisk, or any other VoIP phone system or to talk with our security team about conducting a security review of your systems, you can set up a confidential free consult with our security team by calling us today at 225-224-6595.

Related Posts - TKS Blog

keyless password
The State Of Passwords in 2025
[vc_row][vc_column][vc_column_text]Passwords have long been a necessary but frustrating aspect of digital security. Most users either dislike them or outright despise them. Despite the growing push...
Read more
TKS Newsletter - 2025 February
Here's our February 2025 Newsletter Read the full PDF version here: The TKS Sentinel - February Issue In this month's edition, we discuss: Work-Specific Tools Windows 11...
Read more
common password mistakes
Password Management Tips For Businesses
Is Your Business Cyber Secure? Passwords are the front line of defense against cyberattacks. Yet, most businesses still struggle with password security—whether it’s employees using weak...
Read more
password managers for business
How Password Managers Strengthen Your Cybersecurity Posture
The Growing Threat of Password Vulnerabilities Protecting your sensitive business information has never been more critical than it is today. Passwords remain one of the weakest...
Read more