Secure providers of business VoIP phone service should be considered for businesses looking to avoid vulnerable VoIP systems.
Attend or create a Slashdot 20th anniversary party! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×
Trailrunner7 writes: Researchers have uncovered a simple method for compromising some common VoIP phones, enabling them to listen to victims' calls covertly or use the phones to make expensive or fraudulent calls. The attack takes advantage of the fact that the affected phones don't have any authentication set up by default, but do have a vulnerability that is open to remote exploitation. A victim who has one of the vulnerable phones connected to a network and uses a PC on that network to visit a malicious site can be open to the attack. Paul Moore, a security consultant in the U.K., detailed the problem and demonstrated an attack on a Snom 320, a popular VOIP phone.