CyberNews Briefs

CDRThief Malware Targets VoIP Gear in Carrier Networks

Malware known as CDRThief has been targeting voice over IP (VoIP) soft switches inside telecom carriers' networks in a data-stealing campaign that uses Linux-targeted code. The code can steal phone call metadata, according to researchers at ESET. The malware was allegedly custom-developed to target the Linknat VOS2009 and VOS3000 soft switches, which typically run on standard Linux servers.

By leveraging the vulnerability, attackers could retrieve private data such as call detail records, call times, duration, source number, and destination location. ESET has stated it believes that the malware's chief function is to collect data from the soft switches. Unlike other common backdoors, this variant does not have shell command execution support and is likely unable to exfiltrate targeted files from the compromised disk.

OODA Analyst