Obi508 Hacked
Orple:
wow, I'm so sorry. This seems to be a dangerous man that needs to be reported. The number belongs to Ymax Communications in Naples, FL and is voip. White pages has the number listed as scam/fraud. He is sexually abusing and hacking into people's accounts, including bank. He uses Craig's list, facebook, every means possible. He goes by many names. One person said it is a MagicJack number and when he/she received call from this number it was a friend stationed overseas but number could belong to someone else now. But, another commentor said he claims to be a marine stationed in Somalia (same country told to other people too) so I suspect the one to claim him as a friend is also being scammed. Good luck.
LTN1:
Quote from: sp508 on March 13, 2016, 05:42:03 am
My phone system is an old analog system. It has several ports that are for VM. Those ports had access to all CO lines (including 1 & 2).
I am wondering if the hacker is simply getting into my voicemail. Dialing 9 to get an outside line. Then he dials *72 (All Call Forward) to his Cuban number and thiis is the way he hacks!
I have since disabled CO access to the VM ports and put a password on the Voicemail Extension that he was using.
Scary to think that he would know which phone system I have, know my phone numbers and call in when the phones aren't being used for a while.
Now, if this is the way he hacked is it correct to say that he would not need to do any additional programming on the OBi. Remember SP1-4 and OBiTalk Service are all enabled for this field CallForwardUnconditionalEnable with a specific Cuban phone number.
What does everyone think???
Just to get it out there: The number he is calling from is 239 234 4377/8 is there a way to see where he is calling from?? It says Naples, Florida on the Caller ID. AND does anyone have experience with that number being a hacker?
Having experienced using and configuring analog to IP PBXs for over 10 years for my own work (though I'm not an IT professional), it is now clear to me that the security weakness in your configuration lies not with the OBi508vs but with your PBX system that is behind the OBi.
If you want to keep some sort of call bridge or call forwarding (whatever it is called in a particular PBX system), you have to set up a strong enough password that requires manual input each time a person externally calls in to use that feature. If your PBX doesn't require a strong enough manual password to dial out on a call bridge/forwarding, you are stuck with turning off that feature for the entire system or upgrading to a more secured PBX if you want such a feature.
sp508:
I disabled calling out for the VoiceMail ports. So theoretically he cannot call out.
But how can he do CallForwardUnconditionalEnable on SP1-4 and ObiTalk via by just using the phone keypad??
LTN1:
It is highly unlikely that he can reconfigure the call forwarding part of the OBi from a phone keypad since none of us can. It requires knowing the password and going into the OBi dashboard to make such a configuration. Based on the OBi abilities at this time, I would say it would not be possible to make the configuration that way by mere key tone entry remotely.
In addition to turning off that feature when in your VM, do you have any type of auto-attendant that allows for that remote call forwarding feature? If you do, then you should turn it off there to.
sp508:
It does seem like once I get him out of the system by deleting an SP or the like, he needs to CALL in to get back in. Once he gets in he seems to be able to change the settings without calling in.
Is it possible that there is a two step process: He needs to call in to get some information or two enable something that allows him access (perhaps adding himself as a Trusted member). Then, once he has breached the system, he can make changes online without calling in??
This is the way it seems to happen each time.
Navigation
[0] Message Index
[#] Next page
[*] Previous page