More than 1,200 organizations have been exploited by a campaign that used known exploit measures to gain unauthorized access to VoIP accounts. The hackers are selling the compromised accounts and access to the buyers with the highest bids. The primary intent is to compromise the networks and provide access to the VoIP systems to continue conducting future attacks, listen to private calls, conduct intrusive campaigns, crypto-mining etc.
Read More: Ransomware Attacks – Demand Costs to Hit $1.4 Billion in 2020
The attackers exploited the vulnerability tagged as CVE-2019-19006. This critical liability in the Asterisk and Sangoma VoIP systems lets outsiders access the platform without authentication.
Source: zdnet