Malware dubbed CDRThief is targeting voice over IP softswitches inside networks of large telecom carriers. The Linux-targeted code can steal phone-call metadata, likely in spy campaigns or for use in VoIP fraud. Malware can be deployed to any location on the disk under any file name but it s unclear what the initial infection vector is, according to the analysis. The malware is notable for its uniqueness: As an entirely new Linux malware, it’s a rarity and caught our attention, said ESET researcher Anton Cherepanov.
Source: https://threatpost.com/cdrthief-malware-voip-gear-carrier-networks/159100/