Malware dubbed “CDRThief” targets Voice over IP (VoIP) softswitches in an attempt to steal phone call metadata. ESET researchers say the attackers would have had to reverse-engineer the platform binaries to analyze the encryption process and retrieve the encryption key used to decrypt the database password. CDRThief targeted a specific Linux VoIP platform and had its malicious functionality encrypted to evade static analysis. The ultimate goal for attackers using this malware is VoIP fraud, which could be used to perform International Revenue Share Fraud.
Source: https://thehackernews.com/2020/09/linux-voip-softswitch-malware.html

