Sounds Like Botnet

Presented at DEF CON 19 (2011), Aug. 6, 2011, 4 p.m. (50 minutes)

VoIP is one of the most widely-used technologies among businesses and, increasingly, in households. It represents a combination of Internet technology and phone technology that enhances and expands the possibilities of both. One of these possibilities involves using it for botnet command and control infrastructure and a data exfiltration vector. The concept of VoIP Botnet is to operate in closed networks with limited access and the potential of censorship using everyday telecommunication and telephony services such as voicemail, conference calls, voice and signaling information. Moshi Moshi is a proof of concept VoIP Botnet that allows the operator to dial in from a pay phone or mobile phone, and get shell access and exfiltrate data from the bots. This presentation will discuss and demonstrate the use of VoIP technology to create "Moshi Moshi," we also explore some interesting properties of VoIP based botnet. Additionally, we will discuss mitigating factors and ways that VoIP providers should implement in order to prevent further VoIP abuse.

Presenters:

  • Iftach Ian Amit - VP Consulting at Security Art
    Iftach Ian Amit: With over a decade of experience in the information security industry, Iftach Ian Amit brings a mixture of software development, OS, network and Web security expertise as Vice President Consulting to the top-tier security consulting firm Security-Art. Prior to Security-Art, Ian was the Director of Security Research at Aladdin and Finjan, leading their security research while positioning them as leaders in the Web security market. Ian has also held leadership roles as founder and CTO of a security startup in the IDS/IPS arena, developing new techniques for attack interception, and a director at Datavantage, responsible for software development and information security, as well as designing and building a financial datacenter. Prior to Datavantage, he managed the Internet Applications as well as the UNIX departments at the security consulting firm Comsec. Ian is a frequent speaker at the leading industry conferences such as BlackHat, DEF CON, Infosec, Hacker-Halted, FIRST, BruCon, SOURCE, ph-neutral, and many more. Ian holds a Bachelor's degree in Computer Science and Business Administration from the Interdisciplinary Center at Herzlya. Twitter: @iiamit Skype: iamit.org
  • Itzik Kotler - Chief Technology Officer at Security Art
    Itzik Kotler Itzik Kotler serves as Security Art's Chief Technology Officer and brings more than ten years of technical experience in the software, telecommunications and security industries. Early in his career, Itzik worked at several start-up companies as a Security Researcher and Software Engineer. Prior to joining Security Art, Itzik worked for Radware (NASDQ: RDWR), where he managed the Security Operation Center (SOC), a vulnerability research center that develops update signatures and new techniques to defend known and undisclosed application vulnerabilities. Itzik has published several security research articles, and is a frequent speaker at industry events including Black Hat, RSA Conference, DEF CON and Hackito Ergo Sum. Twitter: @itzikkotler Skype: itzikkotler LinkedIn: http://il.linkedin.com/in/itzikk

Links: