A recent attack aimed at a U.S.-based oil, gas and chemical supplier leverages the company s use of the Asterisk open-source PBX software, used for VoIP services. The attack was first identified early last year when researchers spotted scanning activity targeting 1,500 unique gateways tied to 600 companies. The attacker was able to use a command-injection technique over HTTP to inject a PHP web shell into Asterisk server’s outgoing directory. No evidence of data stolen from the server has turned up anywhere on the underground, according to researchers.
Source: https://threatpost.com/voip-espionage-campaign-utilities-supplier/148916/