Malware researchers at ESET discovered a new threat that they named CDRThief targeting a specific Voice over IP system to steal call data records (CDR) from telephone exchange equipment. The malware was specifically created for a particular Linux VoIP platform, namely Linknat VOS2009/3000 softswitches. It can steal call metadata from internal databases, such as IP addresses, phone numbers, start time and duration of the call, its route, and type. The key is password-protected, but the key is encrypted at rest in the configuration file, the malware can read and decrypt it.
Source: https://www.bleepingcomputer.com/news/security/new-cdrthief-malware-steals-voip-metadata-from-linux-softswitches/