Researchers Crack Siri Protocol

Researchers cracked the pride of Apple’s latest iPhone iteration yesterday, reverse-engineering the language processing, interactive personal assistant application called Siri.

Researchers at NSS Labs claim that they’ve spotted attacks that use Sipvicious, a common auditing tool for Voice over IP (VoIP) networks as part of malicious attacks aimed at taking control of vulnerable VoIP servers. The attacks are apparently aimed at taking control of VoIP servers to place unauthorized calls. 

Today’s image of the day comes from a video posted by New Scientist magazine that helps illustrate an attack between a server and a hacker.Created by Ben Reardon of Dataviz Australia, the video chronicles a hacker’s attempt to break into a voice over IP (VoIP) server. As we’ve seen, servers like these can be prime targets for hackers via denial of service (DoS) attacks and scans like the one visualized here. In this case, the outcome was a good one: the attack was thwarted by security software. 

Authorities in Romania have disrupted a large hacking ring accused of stealing Voice over IP (VoIP) data from hacked servers and using it to place bogus calls to premium rate numbers. Agence France Presse reported on Tuesday that 42 people were arrested in the sting, breaking up a network that was headed by two Romanians and that had caused more than $13.5m in losses to firms in the U.S., Britain, South Africa, Italy and Romania. 

Cybercriminals have found a new launching pad for their scams: the phone systems of small and medium-sized businesses across the U.S.

In recent weeks, they have hacked into dozens of telephone systems across the country, using them as a way to contact unsuspecting bank customers and trick them into divulging their bank account numbers and passwords.  Read the full story [IDG News Service/Robert McMillan]

Researchers scanning the internet for vulnerable embedded devices have
found nearly 21,000 routers, webcams and VoIP products open to remote
attack, due to the fact that their administrative interfaces are
publicly viewable from anywhere on the internet and their owners have
failed to change the manufacturer’s default password.  Read the full story [Wired/Kim Zetter]

A software engineer who created Trojans for the Swiss authorities to intercept Voice-over-IP (VoIP) phone calls has published the source code to his programs in order to draw attention to the surveillance threat posed by such software. Read the full story [idg.no]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.