Two Charged in VOIP Hacking Scandal

Authorities say two men ran a wholesale VOIP business using allegedly fake codes to load call traffic onto unsuspecting VOIP networks

Dark Reading Staff, Dark Reading

June 8, 2006

3 Min Read

Federal authorities pressed charges Thursday against a second man who helped perpetrate a VOIP wholesale scheme that defrauded at least 15 VOIP service providers.

Robert Moore of Spokane, Wash., also known as the "Spokane Hacker," was served papers Thursday but had not yet been taken into custody, according U.S. Attorney's Office spokesman Michael Drewniak.

On Wednesday, the U.S. Attorney's Office in New Jersey had filed charges against Edwin Andres Pena, who they say set up the allegedly fraudulent wholesale business -- called Fortes Telecom Inc. -- in 2004. (See 'Free' Skype Could Be Costly.)

After charging his service provider customers cheap rates to route their calls, Pena's company secretly routed the calls over the IP networks of at least 15 VOIP providers, according to court documents.

This was done using a two-step process.

Step One. The men obscured the origin of the calls by sending them through an "intermediary." The feds believe Pena, with help from Moore, scanned the networks of companies all over the world looking for network ports to use for routing calls. The New Jersey U.S. Attorney's Office said it obtained records from AT&T Inc. (NYSE: T) showing that, between June and October of last year, Moore ran more than 6 million scans for those susceptible ports.

The two eventually decided on routing calls through a router owned by an unnamed New Jersey-based hedge fund company. (See Ingate Secures VOIP.)

Step Two. With a "blind" established, Pena then needed to gain admittance for his customers' calls to be routed onto the networks of other VOIP providers.

VOIP providers tag their own calls with a unique identifier or "prefix" so they can be admitted to the network. Pena allegedly bombarded the VOIP providers' networks with test calls -- each carrying a different prefix -- until he found one that was admitted to the network. He then tagged all his fraudelent calls with the winning prefix.

Having penetrated the networks of VOIP telephone service providers, Pena programmed the third party's computer networks to use the illegally obtained proprietary prefix to route calls of customers of his companies, federal authorities say.

The Pena case will certainly revive the issue of security among VOIP providers. Many in the VOIP community are all too aware of the security perils of running calls over the Internet. "This hacker's approach is certainly not a surprise to those in the Internet community who follow these types of issues," says Brian Lustig, spokesman for VOIP provider SunRocket Inc. . "It is just another variation of fraud that can be perpetrated."

So what does the VOIP community intend to do to protect itself from hacking? "The industry as a whole -- including Sun Rocket -- is already hard at work on standards and security measures that can prevent this type of activity," Lustig says.

Pena was taken into custody today and was scheduled to appear in court Thursday. Moore will appear in court soon, Drewniak said.

— Mark Sullivan, Reporter, Light Reading

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights