Stealing and Reselling Phone Minutes

Interesting new variation of phone fraud:

For the telecoms, the profit is in using VoIP to deliver calls from one phone to another. That requires a “gateway” server to connect a carrier’s phone network to the Net. Phreakers break into these gateways, steal “voice minutes” and sell them to other, usually smaller, telecoms. Many of these firms then sell printed phone cards or operate call centers. “It’s a great racket,” says Justin Newman, CEO of BinFone Telecom of Baltimore, which has been stung by phreakers.

Posted on March 21, 2007 at 11:20 AM12 Comments


Evan March 21, 2007 11:55 AM

“lacking the money for secure gateways”. So these companies are place an insecure gateway on the public internet and then crying about stolen minutes? They should consider themselves lucky they are making any money at all!

Arik March 21, 2007 12:24 PM

I’m on the internet and I’m not protected and people are stealing from me. Now where did we hear that before…

Eduardo Cabral March 21, 2007 12:25 PM

“But VoIP is not as secure as old-fashioned phone lines” , Could be any worse?:)

Peter March 21, 2007 1:04 PM

Dear Bruce,

I sent you an e-mail to advise you of your being hacked and not corrected
in url redirection to Machine Science [NFP Robotics Co in Boston]
for the third straight day, this A.M., but ms did not go out
through our servor. So I am trying different routes.

The point: it is bad for your rep to have your url hijacked =[be hacked]
for three days straight.
Hope this message gets to you.
First two days’ alert had no noticable effect,
and number three didn’t get past our servor net.
See next for previous

Previous | Next | Back to INBOX Printable View | View All Headers
| View Email Source

inline textas attachment Select Folder Undeliverable Mail
From: [unpub] [Add to Address Book] Flag Message | Mark Unread
[This is spam]
To: schneier@schneier
Subject: URstillHACKED
Date: Mar 20, 2007 11:22 AM
I sent you this ms. yesterday;
all is still the same.

Dear Bruce:
Your web page click through from Google:
“ – – –
refers us to Machine Science as
URL = in the address line
but is a different web page
and when that address line is clicked on
shows the actual URL translation as

I think your page or its locator has been hacked.

Hop on it – it was DAY 2


gfujimori March 21, 2007 1:06 PM

“Lacking money for expensive guarded storage facilities,” the small auto manufacturer has been hit dozens of times by thieves stealing parts and raw materials.

If someone printed this, everyone would laugh at that company. But, if it’s VoIP, people feel bad that they are victims of hackers and phreakers.

Go back to MBA school, learn how to build a decent business model, start over.

Steven March 21, 2007 2:00 PM


You may want to check the DNS server your pc(s) are looking towards. Chances are it or, perhaps, your own local hosts file is the one that is hacked.

Bunbun March 21, 2007 3:54 PM


“Subject: URstillHACKED”

…I can kinda understand why Bruce didn’t pay further attention to your email.

Andre Fucs March 21, 2007 8:39 PM


This is not new. Is basically the same thing that happened not a long time ago and became news when a VoIP “carrier” from US had some thousand bucks stolen.

What people tend to forget is that this kind of theft also happens, though in a different way, using DISA, phreaking and specialy, identity fraud.

Phone fraud had been a huge business for years, things are running so wild that in countries with strong criminal organizations like Brazil, criminals frequently use DIY PBX systems to practice their business.

Greg March 22, 2007 5:48 AM

Real phone systems still have some of the same problems. In that emplyess steel call time of a switch and then sell that off on calling cards etc. Was pretty big in indonesia back in the late ninties.

On a different note. they can’t be loosing much money if its still more expensive to make the gateways secure.

derf March 22, 2007 11:48 AM

I’m still impressed by the phreakers from several years ago that were able to run up the long distance bill of an interstate emergency call box phone to the tune of several million bucks.

Alex Urbanowicz March 24, 2007 10:28 AM

I saw once a variation of the technique which was semi-legal. A company would buy a lot of GSM SIM cards with business calling plans, put the cards in gateway, and, using VoIP route international calls directly to the GSM networks without the calls passing the national telecom network (which was mandatory here at the time) and without paying inter-telecom routing fees to the national operator.

Because of them, the contract for a SIM card from a GSM operator now includes the clause that the SIM may be placed only in a network terminal.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.