Hacker broke into routers and stole VoIP services

At the trial, AT&T reported that Robert Moore ran six million scans on its network alone. Other companies that were successfully targeted used aliases in an attempt to build up confidence in their services.

The global hacking exercise conducted by Robert Moore was targeted at telcos and corporations, and the aim was to steal VoIP services and sell them through a third party.

It has been reported that he stole 10 million minutes of service and re-sold them at discounted rates, which netted more than $1 million illegal profit from the scheme. He received only $20,000 personally for his efforts.

Moore said what made the hacking job so easy was that 70% of all the companies he scanned were insecure, and 45% to 50% of VoIP providers were insecure.

Default passwords appeared to be the biggest insecurity. At the trial he said that 85% of them were misconfigured routers. They still had the default passwords. Many routers had ‘admin’ or ‘Cisco0’ as passwords on them.

Once the hacker found the default password, he could get in almost every time. Then all sorts of information, basically the whole database, was right at his fingertips.

One small telco has gone out of business because of expenses the company incurred due to the amount of traffic Moore was responsible for diverting through their network.

Industry experts have known for a long time that leaving default passwords up is a widespread and dangerous problem. The problem could be solved if vendors ensured that the default password had to be changed the first time a product is used.