1 min read

CDRThief New VoIP Linux Malware – Can Credit Card Skimmers be Far Behind?

Picture of David Gamey David Gamey : Sep 10, 2020 10:07:00 PM

pci VoIP Malware

CDRThief New VoIP Linux Malware – Can Credit Card Skimmers be Far Behind?

Many organizations have either undergone or are planning migrations or acceleration of call centers, remote working, and online presence exploiting technologies like VoIP. Criminals are increasingly taking an interest in these channels. An interesting discovery by ESET, Linux based malware targeting soft-switches produced by China based Linknat. Two models are affected the VOS2009 and VOS3000.

This malware steals call detail recording (CDR) metadata from the systems internal MySQL database. At this time it’s believed that the goal of this malware is International Revenue Share Fraud (IRSF).

While this isn’t a VoIP Credit Card Skimmer, it demonstrates that there are skilled bad actors actively exploiting telephony technologies. This development shows why it is important to review all information channels and ensure that they are both secure and compliant.

Learn More

New CDRThief malware targets VoIP softswitches to steal call detail records - Malware targets only two very specific softswitches (software switches): Linknat VOS2009 and VOS3000. https://www.zdnet.com/article/new-cdrthief-malware-targets-voip-softswitches-to-steal-call-detail-records/
Who is calling? CDRThief targets Linux VoIP softswitches - ESET researchers have discovered and analyzed malware that targets Voice over IP (VoIP) softswitches. https://www.welivesecurity.com/2020/09/10/who-callin-cdrthief-linux-voip-softswitches/
Phone fraudsters are stealing billions each year through a scheme known as IRSF - Estimated IRSF damages range between $4 billion and $6.1 billion. https://www.zdnet.com/article/phone-fraudsters-are-stealing-billions-each-year-through-a-scheme-known-as-irsf/
Call Centers and PCI Compliance: Things You Need to Know https://controlgap.com/blog/call-centers-pci-compliance
PCI Information Supplement - Protecting Telephone-based Payment Card Data https://www.pcisecuritystandards.org/documents/ProtectingTelephoneBasedPaymentCardDatav3-0nov2018.pdf
PCI FAQ#1153 How does PCI DSS apply to VoIP? https://pcissc.secure.force.com/faq/articles/FrequentlyAskedQuestion/Is-VoIP-in-scope-for-PCI-DSS

Don’t Tie Yourself in Knots Thinking you can Store Payment Card Verification Codes/Values

David Gamey : Aug 26, 2021 10:07:00 PM

Card Not Present Security Codes/Values are the 3 and 4 digit printed numbers on your payment cards used to verify card-not-present transactions. PCI...

pci Credit cards

PCI DSS May Require Pulling Up Your SOX (or ISO)

David Gamey : Feb 22, 2018 10:07:00 PM

Executives and managers in organizations preparing for their first onsite PCI security assessment may feel confident that having passed a SOX audit...

pci SOX

What Is Sensitive Authentication Data in PCI Compliance?

David Gamey : Dec 20, 2020 10:07:14 PM

Sensitive authentication data, aka SAD, in PCI compliance is data used by the issuers of cards to authorize transactions. Similar to cardholder...

pci

CDRThief New VoIP Linux Malware – Can Credit Card Skimmers be Far Behind?

Learn More

Don’t Tie Yourself in Knots Thinking you can Store Payment Card Verification Codes/Values

PCI DSS May Require Pulling Up Your SOX (or ISO)

What Is Sensitive Authentication Data in PCI Compliance?

Services

About Us

Knowledge Base

Contact