Telus Puts A Stop To 'Modem Hijacking' 293
TheIonix writes "Telus, a major telco in Canada, decided to block long distance direct-dialed calls to four countries to help reduce dial-up 'modem hijacking'. The article explains: 'When the [dial-up] user downloads [certain malware programs], the downloaded file accesses software on their computer and causes the modem to dial phone numbers in foreign countries, resulting in long distance charges.' 4 countries were targeted: Guinea-Bissau, Guyana, Nauru and Sao Tome. It is still possible to call to those countries with the operator assistance and the fees are waived. Now let's see if this nice idea will be followed by others."
When phone monopolies go corrupt... (Score:5, Informative)
In short, the phone companies in these developing nations are usually in on the scheme and profit just as much as the malware operators do from the increased call volume. They have no interest in stopping calls that way.
I wouldn't be opposed to giving such companies an international telecom death penality of simply not routing calls their way. If the only phone operator in a country can't properly keep scam artists out of their network, and furthermore aids such scam artists, that country really doesn't have much of a phone system to begin with... an electronic embargo might get the government there to get a clue.
Re:When phone monopolies go corrupt... (Score:5, Interesting)
To his credit, he doesn't write the dialers themselves. He just writes generalized billing systems for porn sites which are the ones putting dialers on people systems. Usually they wait until the wee-hours of the morning or during the day to make their calls so they can stay connected for a good 2-3 hours and really rack up the charges.
I wouldn't go after the phone companies so much as I would go after the dialer producers. I think generally it's not that the phone company is in cahoots with the dialer company, it's just that they don't bother to regulate it or their government hasn't passed laws officially banning the practice. Governments usually get off their rear and do that but it takes time. Besides, there are probably legitamate reasons for calling those countries such as talking to one's family.
Re:When phone monopolies go corrupt... (Score:4, Interesting)
The telco *has* to be in cahoots... (Score:5, Interesting)
I think generally it's not that the phone company is in cahoots with the dialer company, it's just that they don't bother to regulate it or their government hasn't passed laws officially banning the practice.
Re:When phone monopolies go corrupt... (Score:3, Interesting)
Seriously though, what would happen if you simply refused to pay the charges? i.e. Work with your phone company so that you pay them their side of the line, then simply refuse to cough up the cash to the foreign carrier. Attempts at prosecution would have to be through your home country's legal system, which may have laws regarding fraudulent debts.
Re:When phone monopolies go corrupt... (Score:3, Informative)
It's black mail. Do you really want to go to court with "Nude 17 years olds of Nigeria inc." and risk getting a rep as a porn fiend? Not that many do so this f
Re:When phone monopolies go corrupt... (Score:3, Insightful)
Yeah. For a second there, I thought your friend sounded like an unscrupulous piece of shit, but knowing that he doesn't actually write the diallers themselves has given me new respect for him.
What's your point exactly? This sounds like a lame excuse to absolve someone of responsibility for supporting behavior of dubious legality and even more dubious morality.
Guess what? A good case could be made that so
Go after the dialer producers?? (Score:5, Insightful)
It's the telco's and the porn companies that need to be held accountable since they are the ones distributing and profiting from this computer hijacking. They could possibly face jail time for that if they are in the US. Not sure, but it seems there are stricter laws all the time.
Writing a dialer is pathetically easy. Even from a simple DOS prompt, one liner
echo "atdt 1-123-456-7890" > com1:
This is once step BELOW spammers in my opinion, and your using the same pathetic excuses they do. People shouldn't make it so easy to do. Spam at least is only for idiots. Your taking control of computers and waiting until people won't notice.
It's not email software or dialer software that is the problem. It's the scum who take these useful tools and use them to try to rip people off.
telcos are more accountable (Score:3, Interesting)
Not even that..... (Score:5, Interesting)
Government Monopolies? (Score:3, Informative)
Re:Government Monopolies? (Score:2, Interesting)
So it seems it isn't 'the corrupt third world governments' behind this 'problem'.
Re:When phone monopolies go corrupt... (Score:2)
Re:When phone monopolies go corrupt... (Score:2)
Re:When phone monopolies go corrupt... (Score:3, Insightful)
Still, free email addresses. Can't beat that.
Lesser of 2 evils I suppose (Score:5, Insightful)
Re:Lesser of 2 evils I suppose (Score:3, Interesting)
Re:Lesser of 2 evils I suppose (Score:5, Insightful)
Re:Lesser of 2 evils I suppose (Score:3, Insightful)
My cell phone provider defaults to having international dialing completely disabled. You need to call and go through a verification process to enable it.
There's a catch, though: It's either all on or all off. You can't say "I've got my wife overseas in the Philippines for a few months, and a friend in the UK. I'd like to be able to call those two countries, but please leave everyone else blocked."
No good excuse for that, either. It's hard to believe they can't have that level of granularity. What I'd re
Re:Lesser of 2 evils I suppose (Score:2)
Re:Lesser of 2 evils I suppose (Score:2)
And yes, some people do still run services using intercontinental UUCP links.
This better be configurable on a per subscriber basis.
Re:Lesser of 2 evils I suppose (Score:2, Insightful)
What could be simpler?
Re:Lesser of 2 evils I suppose (Score:4, Interesting)
voice conversations are very very tolerant of small disruptions while data is not. So just introduce random noise once at the beggining (to interrupt the initial handshake) and once every minute of so. a small change in pitch and modulation 1/2 second out of a minute won't affect voice calls very much but data lines won't take it too well.
Not that many people place Long distance data calls on land lines. Some geek BBS'ers but their pretty rare in this age of telenet. So there'd be very very little disruption of normal service.
Re:Lesser of 2 evils I suppose (Score:4, Interesting)
This is good (Score:4, Insightful)
Re:This is good (Score:5, Informative)
Here's an idea: Don't hook up the phone line to the computer unless you plan on going online
Here's a better idea: download Spybot Search & Destroy [spybot.info] and run it. Keep your system patched. Run AV software. Don't run unkown binaries (read:"crap off Kazaa")
Re:This is good (Score:2)
Re:This is good (Score:3, Interesting)
Re:This is good (Score:2)
As of yet...
Re:This is good (Score:3, Insightful)
Linux is resitant. Resistant and immune are two different things. If you have a working modem in a linux box and someone out of boredom writes a C program that dials 1900-rand-prn. You'd be just as vulnerable is you left the line in.
Another idea (Score:5, Interesting)
Re:Another idea (Score:2, Insightful)
Better yet (Score:5, Insightful)
Re:Better yet (Score:2)
Re:Better yet (Score:2)
No it's not. If it were, 56Kbps modems wouldn't work, because they depend on the telephone exchange to detect that it's a modem connecting, and to set up a data call. All telephone companies use systems that do this. Rejecting data calls by policy is most certainly built into all the digital exchanges.
Most European countries even
Re:Better yet (Score:2)
Phew (Score:5, Funny)
I'm glad Nigeria isn't being blocked, I have to contact Dr. Mbugo Mbongo to see how my wire transfer went.
Re: I, for one, welcome our new Nigerian overlords (Score:2)
A good start (Score:2)
Of course, I personally haven't seen a modem in years...
Not really "putting a stop to it", are they? (Score:3, Insightful)
With that kind of sensationalist headline, you'd think they released a benevolent worm that safeguards against hijacking.
Seriously, is following the money, reversing the charges and putting the people responsible behind bars all that difficult?
Re:Not really "putting a stop to it", are they? (Score:3, Interesting)
It's not like it's some rogue criminal, you'd have to basically invade the country and overthrow the corrupt government if you wanted to stop them.
Re:Not really "putting a stop to it", are they? (Score:3, Funny)
Well, that's certainly a nobler purpose than the last time the U.S. invaded a country. Given a choice, I'd go with that.
Re:Not really "putting a stop to it", are they? (Score:4, Funny)
Re:Not really "putting a stop to it", are they? (Score:3, Funny)
There's more than just locating it - we have to get our tank out of Afghanistan. Our airplane is tied up too.
- Thomas;
Re:Not really "putting a stop to it", are they? (Score:2)
That's right, because Saddam Hussein was such a nice man!
Operator Assisted Modems (Score:5, Funny)
Operator: How may I direct your call?
Customer: Squeeechhllcshhsh
Operator: You want to be connected to Guinea-Bissau?
Customer: Squeeeeelch
Operator: One moment while I connect you.
See, it won't help. :)
Re:Operator Assisted Modems (Score:5, Funny)
Re:Operator Assisted Modems (Score:2, Interesting)
"Hi, I'm a Telus technician calling from [insert any number here]. Can you please place a test call to [wherever]?"
(see, cuz I used angle brackets instead of square, and didn't escape them...)
Pay us to not provide a service to you? (Score:3, Informative)
It's interesting that they're asking people to pay to be not able to dial given numbers. You'd think a hardware device on the user's side could provide the same functionality for less...
Re:Pay us to not provide a service to you? (Score:5, Interesting)
Problem with (commercially) building something designed to plug into the phone jack is that there's a lot of paperwork involved.
Such a device would be a very cool homebrew project, though. Just intercept the DTMF for "1" and a user-configurable series of digits (you could program the device either with a keypad on the device, or you could program the device with DTMF tones). Hold the dialed digits in a buffer. When the user finishes dialing the digits on the phone, the user presses the "dialout" button on the phoneblocker, and the buffered digits are dialed out. (Sorta like a cell phone - punch in digits, then click "OK" to dial)
Because a trojan dialer isn't going to have you around to press "dialout", no call ever gets made. Added bonus, you have a gadget that can log the numbers (and for real style points, add a clock chip and store time and date :) all outbound calls made from your number.
Of course, anyone smart enough to design it - or even just build it from a set of schematics and a bucket of spare parts - is unlikely to get pwn3d by a trojan pr0n dialer in the first place. But it'd be a fun weekend project or group exercise for a first year engineering course.
Re:Pay us to not provide a service to you? (Score:2)
its called unplugging the phone cord
the software solution is called ad-aware/spybot S&D
You mean like this device? (Score:2)
so the malware writers will just... (Score:3, Insightful)
then the telcos will block those countries...
until we need operator assistance to dial anything!
(extreme)
Re:so the malware writers will just... (Score:2)
Re:so the malware writers will just... (Score:2)
A few years back, in Denmark, there was a big deal around calls to St. Helena. The provider for these islands is British Telecom, so these were routed through London, and ran at about 20 dkr/min (=$3-4). About 1 or 2 dkr was the cost of the call to britain, and thus shared by the danish and british (legit) telcos. The rest of the money were paid to the malware-people to whom BT app
in sweden.... (Score:2, Informative)
Re:in sweden.... (Score:3, Funny)
Re:in sweden.... (Score:2)
Mozilla Firefox.
Any other non-IE-based browser (on Windows) or IE running on a non-Windows platform (like MacOS or Solaris) will work as well. It's the IE-Desktop link that most malware uses to attack.
How many people still use modems? (Score:3, Insightful)
Re:How many people still use modems? (Score:2)
It's amazing they're doing this... (Score:2, Interesting)
Then on top of that, this seems such a small fix. What happens when the new virus out sets it up to call, say, Russia or China. Can't exactly block those countries. Yes yes I didn't RTFA so I'm not sure if these countries have significance more than I kn
Re:It's amazing they're doing this... (Score:3, Informative)
In Canada you are responsible for phone calls made from your phone, and you must pay for them. As Telus point out in their article, they have contracts for overseas calls, and the calls must be paid for even if the other end are corrupt scum.
Exactly what
Local (Score:2, Informative)
Re:Local (Score:2)
Internet credibility of a country (Score:5, Insightful)
E.g. who in their right mind accepts credit card orders from Romania, Russia or Indonesia when it is well known that the vast majority of those card numbers are stolen?
But I think that what is right now simply a major annoyance to on-line vendors and users (spam, phishing, etc.), will eventually backfire at the countries that are unable (or more likely do not care to) to control Internet fraud of various kind sas they become more and more blacklisted and left out of the Internet economy. This will eventually force their governments to pay attention to the issue. I bet already it is pretty frustrating to be an Internet user in one of such countries and know that most vendors on the internet will not accept any payment from you simply because of your country of origin...
Already happened (Score:2)
They accept orders from all 48 states :-)
(or occasionally 50. Tough luck if you are in Pago Pago or Puerto Rico, let alone a foreign country).
Where can I get this autodialler script for linux? (Score:5, Funny)
Talk about a phone call... (Score:3, Funny)
Re:Talk about a phone call... (Score:2)
And what are you using that camcorder for, hmmm???
I got away to stop that with out this idiotic idea (Score:3, Funny)
Password the Modem? Require User To Verify Calls? (Score:2)
Or, why not just password modem access?
Telus not the only one (Score:3, Interesting)
Old trick (Score:3, Funny)
Did the calls ever go to those countries at all? (Score:4, Informative)
Usually, these scams involve some marginal "billing service" provider. Integretel, eBillit, Payment One, and Verity International are some of the names that come up.
Better Solution (Score:3, Insightful)
Protecting its own interests (Score:5, Insightful)
This strategy ensures that Telus is never stuck again, plus, it gives them good PR because it appears that it is looking out for its customers. Yeah right.
Re:Protecting its own interests (Score:5, Insightful)
In this instance, a company can do something that
protects their bottom line and shareholders;
protects their customers; and
screws the malware writers;
and you're bashing them?
Hey, I'm thrilled that a company is making more money while doing something that's good--even if it is a telephone company. What's wrong with a little enlightened self-interest?
Not just Telus, SaskTel also (Score:2)
Telus scamming (Score:2)
When not in use for the net, the phone-line is disconnected from the modem... since the fax machine or something like that uses it also.
Telus charged him for such a call... but it seems to me that he couldn't have even made it:
-Phoneline likely disconnected
-When connected, phoneline was already dialed out (can't double-dia
Telco Security Insider View (Score:5, Interesting)
First of all, it's more than those four countries, although that's about half of the most common ones we've been seeing lately. At the very least, they should have added Diego Garcia, Tuvalu, and Tokelau to the list. But almost every really small, really poor country telco goes in for this kind of thing sooner or later, and at one point so did one of the UK telcos and (oddly enough) so did one of the Canadian telcos.
Do not assume that there has to be a modem on the other side. Your modem doesn't have to sync for you to get charged, it just has to stay dialed into that number long enough for the "first minute" charge to take effect.
The billers keep insisting that everybody who gets billed for these calls has agreed in advance to do so. At least some of them are lying about this. We have seen cases where we're absolutely sure that unlabeled trojans were to blame, including one that sets the user's computer to do so at least once a day for up to a couple of hours when they're not using it.
There are only two completely reliable defenses against this. The only completely reliable was is to never, ever, ever plug an analog phone line into your computer. (I had one customer insist that it couldn't have happened to them, they used broadband. But they had a fax modem card, and the dialer detected and used that.) That's not practical for most people, so instead call your local phone company and ask for a total block on directly dialed international calls. Most companies offer this as a free service. Also make absolutely sure, if you never intend to charge premium services to your phone bill, that you tell this to your local and long distance phone companies; having that note in the records on your account will help their security people know to block the calls more quickly when they get by and may, the first time, help you get the charges removed from your bill.
You can ask your long distance provider to block international directly dialed calls, too, but that'll only help if you get that block from every long distance provider in your country, and in the US that could take you weeks of research because there are so many. But if you're in the US and you don't block every long distance provider, all the dialer authors have to do is preface the modem string with 10-10 and the three-digit carrier code to temporarily switch your long distance provider. That's why it's going to be a lot more reliable if you do it through your local phone company, if they offer the blocking feature you need.
After you've blocked the feature, if you absolutely have to make a directly dialed international call, call your local company and your long distance company, remove the block, wait for it, make the call, and then call them back and restore the block.
US long distance companies aren't blocking whole countries for this because US law won't let them. Telcos are required to deliver every call that you want them to. This means that while we can temporarily stop your service until we can ask you "did you really want to make that call?," we can't pre-emptively stop you from calling poisonous numbers like this because we can't prove that nobody wants to call them. On the contrary, probably about 1 out of ever 20 customers that I speak to about this really did use the dialer on purpose and they intend to pay for the call. (About 3/4 of the callers, though, had it happen because somebody who didn't have their permission to charge long distance calls was sitting at the computer surfing porn or using paid gambling sites without the owner's knowledge. Frequently, it's their kids.)
My employer doesn't want me to tell you this because it is their opinion that every time we reveal anything about what we know about this scam (or any other),
Re:Nice Idea? (Score:2)
Your statement is too broad. Locking up criminals restricts their freedom but is a good thing. Making us pay taxes restricts our freedom to do what we like with our money, but is a good thing. In this particular case it doesn't seem to me to actually be the government doing this anyway.
Re:Nice Idea? (Score:2, Insightful)
Risking a plunge from the Offtopic cliff, I wouldn't call paying taxes a good thing. It's more like a necessary evil that is abused by government at every chance.
"In this particular case it doesn't seem to me to actually be the government doing this anyway."
Indeed, I posted the correction as AC.
Re:Nice Idea? (Score:2)
I think we'll leave it at a difference of opinion ;) I hadn't seen your AC correction, now I have.
Re:Nice Idea? (Score:2)
Re:Nice Idea? (Score:4, Interesting)
It seems to me a dialog box generated by the OS when an application tries to access the serial port would go a long way towards preventing this. I mean, doesn't this whole scam rely on the modem dialing out without the user knowing?
Re:Nice Idea? (Score:5, Insightful)
Telus is a telco, not the government.
How bout they focus on educating the public about malware instead?
Have you ever tried educating the public about anything?
Remember last week, when CERT recommended MSIE users consider switching browsers, and MSIE usage fell to under 10%? It didn't happen quite that way, now did it?
Remember, this is the same public that buys RIAA music, believes they'll go to hell if they "sin", and trust voting machines because they're convenient.
CERT? CERT?? Isn't That An Antacid Tablet? (Score:3, Insightful)
Remember last week, when CERT recommended MSIE users consider switching browsers, and MSIE usage fell to under 10%? It didn't happen quite that way, now did it?
CERT publishing a security notice is nowhere near "educating the public".
No one apart from geeks has heard of CERT or sees their notices. Say "CERT" to someone and they'll assume you're talking about an antacid tablet.
It's typical of some people employed by or enamored of a technical specialty to blame the "public" for not being as spe
No, it the public heard (Score:4, Informative)
Re:CERT? CERT?? Isn't That An Antacid Tablet? (Score:3, Funny)
I can't stand the rampant ignorance about common pallatives! Certs are breath mints, not antacids, you ignoramus!
I swear, people just don't even pay attention in the supermarket anymore. When will we have a serious effort to educate people about the proper uses of common products? This is how children end up in the hospital from Tums overdoses....
Re:Nice Idea? (Score:4, Informative)
2) This does not restrict your freedom in any way. You can still call Nauru etc, just not without opeator assistance.
Re:Nice Idea? (Score:2, Informative)
Not correct (Score:3, Informative)
Re:Nice Idea? (Score:2)
Re:Nice Idea? (Score:2)
the things you learn on here...
and they will still provide a way for you to call...no harm done.
Re:Nice Idea? (Score:2)
Educating the public never works. It's like giving money to the poor. They will take it, mutter a "it's about time" and keep on doing whatever they were doing.
Fear is a much better motivator.
Re:Now to do this for SPAM (Score:4, Funny)
"Please type most happily in capital letters."
Re: (Score:2)
Re:Countries exists ? (Score:3, Funny)
Re:too late (Score:2)
Re:Incredibly obscure Simpsons reference... (Score:2)