Police say hacker stole phone time from AT&T, others

Profits allegedly funneled to Islamist extremists in Pakistan, Afghanistan

An Italian magistrate has issued an international arrest warrant for a Filipino hacker suspected of causing millions of dollars of losses to telecommunications multinationals, and Italian police have arrested five Pakistani nationals accused of exploiting the hacker's work to defraud the telecom companies, officials in the northern city of Brescia said Friday.

The Filipino hacker was part of a group that allegedly penetrated the IT systems belonging to customers of major telephone companies, including AT&T, to steal access codes for international phone calls that he then sold to the group of Italy-based Pakistanis who ran a network of public phone centers. Police declined to identify the hacker by name, saying only that he was a 27-year-old male living in the Philippines.

The Pakistanis offered cut-price calls to their clients by piggy-backing on the PBXs (private branch exchanges) of commercial companies in the United States, Australia and Europe, Italian officials said. The Filipino hacker allegedly sold the access codes that enabled users to take control of the exchanges at US$100 per code, and the codes were then sold on to other users, they said. Some of the illegal profits were allegedly sent to finance the activities of Islamist extremists in Pakistan and Afghanistan, the officials said.

Police identified Zamir Mohammad, 40, the manager of a phone center in Brescia, as the principal buyer of the Filipino's allegedly illegally acquired access codes. Mohammad was responsible for exploiting the codes and selling them on to other telephone service operators in Italy and Spain, police said. On Friday the U.S. Department of Justice unsealed an indictment charging Mahmoud Nusier, 40, Paul Michael Kwan, 27, and Nancy Gomez, 24, all currently residing in the Philippines, with unauthorized computer access and wire fraud. They were arrested on March 10, 2007.

The five Pakistanis arrested in Italy are phone-center manager Mohammad, Shabina, Kanwal, 38, Ahmed Waseem, 40, Zahir Shah, 39, and Iqbal Khurram, 29, the U.S. Department of Justice said.

As well as making the arrests, police seized 10 phone centers Friday in northern and central Italy and raided 16 properties belonging to Pakistani and Moroccan nationals suspected of links to the telephone pirates.

The investigation began in May 2007 following a tip off from the FBI that a group of hackers based in the Philippines had violated the IT security of major international phone companies. The group was allegedly headed by Nusier, a Jordanian, Italian police said.

"Italy's antiterrorism police and the FBI are still investigating the group's activities in Spain and Switzerland," Brescia police spokeswoman Sara Del Rosario said in a telephone interview. During the five years the scam was operating, Mohammad allegedly sent some EUR400,000 (US$560,000) to an Islamic charity run by Jamal Khalifa, a brother-in-law of al Qaida leader Osama bin Laden, Del Rosario said. Khalifa, who was killed in Madagascar in 2007, was suspected, among other things, of funding the Abu Sayyaf group, an organization of Muslim extremists operating in the Philippines.

Many of the calls from the phone centers were made to conflict hotspots in the Middle East and Asia, Del Rosario said. "The stolen access codes offered the added advantage of anonymity to the callers, in violation of Italy's 2005 antiterrorism law," she said.

The biggest victim of the hackers was AT&T Corp., which estimated its losses to the organization since 2003 amounted to US$56 million, Brescia police said in a prepared statement. Other companies targeted by the group were not identified by name.

AT&T was not itself hacked. According to the indictment, Nusier, Kwan, Gomez and others hacked the PBX (private branch exchange) phone systems of several U.S. companies -- some of them AT&T customers -- using what's known as a "brute force attack" against their phone systems. They were allegedly paid $100 per hacked telephone system.

More than 2,500 companies in the U.S. Europe, Canada and Australia were hacked, authorities say.

In this type of attack, the hacker calls into the telephone system over and over trying to find an extension with a default or easy-to-guess password. They would take over the hacked PBX system and use it to place international calls often connecting to the phone systems for hours at a time while dialing out making long-distance calls.

The criminals could simply route long-distance calls through the hacked systems, or use these systems to "loop back" and connect both parties. Either way, they were able to make long-distance calls for far less than regular toll rates. The hacked company would see its phone bill skyrocked.

Hacking tools such as Warvox can be used to find vulnerable PBX systems, said Lance James, chief scientist at Secure Science. Using this loop-back technique, criminals would need to make just a short initial call to the phone system in order to place a long distance call of any duration, he said. "They only pay for that connect charge for less than 30 seconds and they are making almost pure profit off of that."

The hackers would send PBX numbers and passcodes to the Brescia call center, which would in turn wire money back to them, the indictment states. Numbers and passcodes were then sent to other call centers, including at least one in Spain. In total, about 12 million minutes of telephone calls were siphoned off of these hacked phone systems, with victim companies and carriers like AT&T left to bear the costs.

Join the Good Gear Guide newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags network securityvoipat&tterrorismpabxhackerhacking

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?