Calling all cybercrooks: Ready-made phone attack rig for sale
Kit used as part of online banking fraud
Cybercrooks are marketing a hardware-based tool for running denial of service attacks on telephone systems.
The Telephone Denial of Service attacks (TDoS) rig is being sold by a group of cybercriminals called “TNT” from Eastern Europe via underground cybercrime forums.
The tool, called “TNT Instant Up”, features a special hardware platform made up of several connected Wireless USB 3G/4G modems (up to 12 devices).
Specialised software allows the tool to perform continuous calls from inserted unlocked SIM-cards (GSM flood) and leverages various SIP providers (SIP flood), according to security intelligence firm IntelCrawler.
The rig supports Caller ID spoofing and also includes a special “Service 500 Error” bypass, using multiple call forwarding. In a video marketing the technology, cybercrooks demonstrate TDoS attack against several demo victims, featuring a high volume of calls from spoofed or anonymous numbers.
IntelCrawler warns that the tool offers the potential of increasing the power of attacks miscreants might be able to muster because of parallel simultaneous usage of connected devices.
Pricing ranges between $560 and $1,200, depending on activation options and software. TNT Instant Up also offers TDoS services for hire.
Cybercrooks use the tools for online banking fraud or targeted cyber attacks against banking customer services, preventing their systems from receiving legitimate calls.
Last summer, the FBI reported TDoS attacks telephone swamping moves against healthcare and public health targets. Isolated attacks against emergency call centre targets have also been reported.
The tool has the potential for various types of attacks and scams, including but not limited to hacktivism and cybercrime. ®