[ISN] Hackers Invade Texas A&M Phone System

From: InfoSec News (isnat_private)
Date: Sat Jan 11 2003 - 00:37:05 PST

  • Next message: InfoSec News: "RE: [ISN] Osama's Plot to Blow-up the Internet on January 11th"

    http://www.local6.com/orlpn/news/stories/news-188235220030110-120116.html
    
    January 10, 2003
    
    COLLEGE STATION, Texas -- Hackers in Saudi Arabia infiltrated Texas
    A&M's phone system, using it as a conduit to make free collect calls,
    officials said.
    
    Phone carriers alerted the school to the suspicious activity Thursday,
    said Walt Magnussen, A&M's associate director of telecommunications.  
    The university sent an emergency e-mail to employees about the attack
    that urged them to change their mailbox passwords.
    
    The fraud affected five voice mailboxes among the university's 25,000
    phone lines. The number or cost of the unauthorized calls wasn't
    immediately known, The Eagle reported Friday.
    
    "Initial indications look like we caught it pretty quickly," Magnussen
    said.
    
    The hackers guessed each mailbox password because it was the same as
    the phone number.
    
    "It's like using your name for your password," he said. "It's one of
    the first things people are going to guess."
    
    The hackers manipulated the outgoing messages by recording "Hello?",
    followed by a pause, then "Yes." The new recording was designed to
    fool international operators into thinking they were talking to a live
    person who answered the phone, then agreed to take a collect call.
    
    Once inside the mailbox, hackers could transfer the call anywhere they
    wanted at A&M's expense. It may take a month or more to learn how much
    damage was done, Magnussen said.
    
    The call transfer feature on university lines has been disabled to
    prevent a future attack.
    
    Magnussen said A&M has successfully shut down similar attacks made
    from within Texas jail facilities, where inmates must use pay phones
    to call out. This is the first known attack from overseas.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Sat Jan 11 2003 - 02:54:58 PST