30/09/2010 - VoIP Abuse Project lures hackers with honeypot then blacklists them
Everybody speeds, but we don't go too fast because we never know when there might be a speed trap around the next corner. What if we added the penalty of being banned from driving on the highway, too? That's the same line of thinking behind the VoIP Abuse Project.
J. Oquendo, a security engineer who built the Arkeos VoIP honeypot and launched the VoIP Abuse Project, uses his PBX system to capture brute-force attempts against VoIP PBXes and blacklists the networks that hackers are using. His PBX listens in on a hacking attempt and answers the calls on his fake VoIP system honeypot to gather IP information about the network from which the hacker calls are originating. The information is then used to create a blacklist of banned networks to cut down on hackers.
In the past when Oquendo attempted to contact networks used by hackers, no one usually picked up the phone. The new solution means banned networks will have to get themselves off the blacklist by proving they are legitimate.
This system works in two ways: first, it is its own measure against brute-force attempts, simply blocking hacking networks from accessing a VoIP system; second, it serves as a deterrent, making hackers think twice about hacking a network that might have a honeypot and a VoIP Abuse Project blacklisting service attached.
For more:
- read this from Dark Reading
Related news:
Warding off big hack attacks
VoIP hacker gets 10 years in prison
27/09/2010 - VoIP hacker gets 10 years in prison
After he sold VoIP services routing calls over other networks that he hacked, Edwin Andres Pena racked up $1.4 million worth of stolen calls. The Venezuelan citizen based his operations out of New Jersey and went on the run when he was arrested back in 2006. Police caught up with him in Mexico in 2009 and he is the first person to be sentenced to prison for hacking VoIP services.
Pena set up a wholesale voice company in which he sold VoIP minutes at cut-rate prices. The secret to his bargain calling plans was that the minutes were all stolen by hacking other VoIP companies. Now, he will spend ten years behind bars and then face a number of years under supervision to prevent him from striking again. He will also have to come up with another scheme during that time to pay back the million-plus dollars he must pay in restitution. It is also in the works that he will be deported back to Venezuela, where he is a citizen.
For more:
- read the article
Related news:
Hacking VoIP in real time with freeware
Security firm demoed hacking and eavesdropping on iPhone mobile
Sipera protecting a million UC devices and counting
20/09/2010 - Hacking VoIP in real time with freeware
By some estimates, only 5 percent of VoIP networks are properly configured against a hacker attack, which can capture audio and video files of entire conversations! Article
30/07/2009 - Toll fraud and security gaps that can lead to it
With recent reports of toll fraud showing how expensive these breaches can be, it's worth taking a look at vulnerabilities in voice networks to protect against unauthorized usage. A recent report from Sipera's Satyam Tyagi, director of technical marketing, outlines some of the ways hackers can exploit networks through gaps in session border controllers and media gateways to run up outrageous long-distance bills at a company's expense. Tyagi's analysis of the most common ways toll fraud can occur can be found here.
06/02/2009 - TringMe Offers VoIP Calls From Silverlight Apps

TringMe has launched a widget that allows users to make VoIP calls from Microsoft Silverlight applications.
Silverlight doesn't allow access to a mic - a problem for VoIP calls - so TringMe used a backdoor Flash widget to access it.
23/12/2008 - Fortify Warns Of VoIP Hacking Risk Over Holidays

It's not exactly a message of festive goodwill but Fortify Software's warning about the threat of fraudulent VoIP international calls is no doubt well intended.
Citing a recent case where a hacker ran up a USD $52,000 phone bill, the application vulnerability specialist said it was a timely warning to all organisations to protect their PBX IT resources.






