ℹ️Interesting Attacks

PXB Attacks

A VoIP connect to an office network instead of the telephone system.

A PBX (Private Bank Exchange) manages and helps the VoIP figure out what to do.

An insecure PBX can be used to make phone calls that originate from inside that telphone network or office in the case. The attacker first needs the IP of the PBX and then try to make a call using it.

Once a PBX is found they can use the phone to initiate calls to a pay per minute phone line (usually owned by the hackers) in an attempt to rack up as big phone bill as possible. This is also usually fully automated with Robo-diallers. This attack will usually continue until someone notices the calls and drops it.

It can be set up with call forwarding so the next time someone dials a call it will connect to the pay per minute

A big problem for the victim is the phone company will say they don't cover consequential loses and have a legal right to claim the money so the victim will always be expected to pay.