[VOIPSEC] Cellphone Botnets, Blackmailing VOIP & a Healthy Cybercrime Economy - Desktop Security News Analysis - Dark Reading (UNCLASSIFIED)

nnp version5 at gmail.com
Thu Oct 23 11:50:48 CDT 2008


On Thu, Oct 23, 2008 at 5:07 PM, Dustin D. Trammell
<dtrammell at bpointsys.com> wrote:
> On Wed, 2008-10-22 at 10:30 +0100, nnp wrote:
>> Has anyone here seen any examples of cellphone botnet'ing or hardphone
>> botnet'ing for that matter? I'm interested to see how long it will be
>> before (I can only assume someone is researching it) we see code
>> execution + malware for the more common hardphones.
>
> There have been a number of instances of cellphone trojans over the years;
> a quick search on Google turns up quite a few news references:
>
> http://www.google.com/search?&q=cell+phone+trojan&btnG=Search
>
> Why focus on cellular and hardphones though?  It's debatable whether or
> not such devices have enough power to really do much as part of a
> botnet, and if botnetting is your goal it would make much more sense for
> an attacker to focus attacks on soft-phones instead;

You also have to contend with things like anti-virus plus the general
suspicion administrators have of PCs once their network starts acting
funny. A botnet'ed hardphone is likely to escape much suspicion. Of
course, this is complete speculation at the moment, though, without
reliable code execution exploits for commonly used hardphones etc.

My main reason for being interested in it though is entirely
technical...wouldn't reliable code execution on one of those Cisco
phones be sweet?

> the end-result is a
> much more powerful botnet member in that the botnet now has a user's
> entire PC to work with rather than an underpowered device.  As
> smart-phones get more and more powerful though such as the recent
> devices from Apple (iPhone) and Google (G1) they will become more
> attractive targets.
>
>> (Btw, does anyone know what OS those Cisco hardphones are running? I
>> would assume it is something VxWorks/Linux based?)
>
> Back when I was working with them they were VxWorks, but that was a few
> years ago.  I expect they haven't changed much since a fellow researcher
> who currently focuses on VoIP confirmed for me a few months ago that
> they still suffer from the same DoS that I spoke about in my "VoIP
> Attacks!" talk[1] at ToorCon 8 back in 2006.
>
> [1]
> http://www.dustintrammell.com/presentations/VoIP-Attacks-ToorCon-8/img53.html
>
> --
> Dustin D. Trammell
> Security Researcher
> BreakingPoint Systems, Inc.
>
>



-- 
http://www.unprotectedhex.com
http://www.smashthestack.org



