Feds bust $55 million international telephony hacking ring

The losses in this case, which exceeded $55 million in the US alone and impacted more than 2,500 companies across the globe

The US Department of Justice today said it helped crack a ring of fraudsters who allegedly hacked into the telephone systems of large corporations and entities in the United States and abroad and sold information about the compromised telephone systems to Pakistani nationals residing in Italy.

 The losses in this case, which exceeded $55 million in the US alone and impacted more than 2,500 companies across the globe, were borne by the victim corporations and entities, which the DOJ didn't name.  It did say AT&T was not hacked but was among the companies that carried the long-distance calls and it helped in the investigation.

 In conjunction with the DOJ action, Italian law enforcement conducted searches of approximately 10 locations in four regions of Italy and arrested the financiers of the hacking activity. Those financiers allegedly used the information to transmit over 12 million minutes of telephone calls valued over the hacked networks of victim corporations in the United States alone, the DOJ stated.

 Charged in the New Jersey indictment are Mahmoud Nusier, 40, Paul Michael Kwan, 27, and Nancy Gomez, 24, all residents of the Philippines, with conspiracy to commit wire fraud and unauthorized access to computer systems and other counts. Nusier is a Jordanian national; Kwan and Gomez are Philippine nationals, the DOJ stated.

 Earlier today in Italy, at least five individuals, all Pakistanis, were arrested during early-morning raids. Searches occurred in at least 10 telephone call centers and other premises.

 The DOJ indictment states that  "M.Z and S.K, residing in Italy, were among the financiers of the hacking and owned and operated call center operations in Italy from which their customers would make calls throughout the world. To increase their profits, M.Z. and S.K. made efforts to incur as little costs as possible in routing their customers' telephone calls to the intended call-recipient."

 M.Z. and S.K. recruited Nusier, Kwan, Gomez and others to hack into the telephone networks of unsuspecting large corporations and entities so that telephone calls from the call centers could be transmitted over the hacked networks.

 According to the indictment, the hackers gained an "intimate familiarity" with PBX programming which they used to launch a " brute force attack" on vulnerable points of the companies' systems.

 As the hackers dialed into the systems, they were able to identify the type of PBX system by the prompts and were thereby able to begin a process, known as a brute force attack, by which they sought to attack vulnerable points of the PBX systems, the DOJ stated.

 Often, the vulnerable points consisted of telephone extensions with default passwords still in place. After using a couple of methods to exploit the information they gained regarding the hacked PBX systems, the hackers transmitted the information about the hacked system back to the financiers. The hackers-Nusier, Kwan, Gomez and others-were then paid approximately $100 per hacked telephone system, according to the DOJ.

 "This was an extensive and well-organized criminal network that worked across continents," said Acting US Attorney Ralph J. Marra in a statement. "The hackers we've charged enabled their conspirators in Italy and elsewhere to steal large amounts of telecommunications capacity, which could then be used to further or finance just about any sort of nefarious activity here or overseas."

Layer 8 in a box

Check out these other hot stories:

50M in hand, Feds go looking for bleeding edge data center technology

Saving Unix one kernel at a time

The Borg lives: BBN gets $30M for artificial intelligence wizard

Court says government background security checks go too far

FTC shuts down notorious Internet Service Provider

Sears gets wrist slap over spyware activities

Cirque du Soleil founder set to blast into space

US shells out $10M for unmanned aircraft that can perch like a bird

Inside the Top 10 hot aerospace technologies

CIA wants more foreign language skills in a big way

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.