27 September 2007
A 23-year-old hacker named Robert Moore hacked into 15
telecommunications companies and hundreds of businesses worldwide in
order to net free VoIP minutes, which he and a partner then sold at
highly discounted rates for a million in profit. Moore, set to head to
prison, brags to Information Week that hacking into the systems of major VoIP carriers was "so easy a caveman could do it." From the interview:
"I'd
say 85% of them were misconfigured routers. They had the default
passwords on them," said Moore. "You would not believe the number of
routers that had 'admin' or 'Cisco0' as passwords on them. We could get
full access to aCisco box with enabled access so you can do whatever
you want to the box. ... We also targeted Mera, a Web-based switch. It
turns any computer basically into a switch so you could do the calls
through it. We found the default password for it. We would take that
and I'd write a scanner for Mera boxes and we'd run the password
against it to try to log in, and basically we could get in almost every
time."
say 85% of them were misconfigured routers. They had the default
passwords on them," said Moore. "You would not believe the number of
routers that had 'admin' or 'Cisco0' as passwords on them. We could get
full access to aCisco box with enabled access so you can do whatever
you want to the box. ... We also targeted Mera, a Web-based switch. It
turns any computer basically into a switch so you could do the calls
through it. We found the default password for it. We would take that
and I'd write a scanner for Mera boxes and we'd run the password
against it to try to log in, and basically we could get in almost every
time."