Sipera VIPER Lab Reveals Vonage Users Vulnerable to VoIP Identity Theft, Eavesdropping and Other Exploits

Threat Advisories Cite Issues Exposing Residential and SMB VoIP Customers to Multiple Exploits and Service Interruptions

Richardson, TX, October 23, 2007 – Sipera VIPER™ Lab, operated by Sipera Systems, the leader in comprehensive VoIP/UC security solutions, today disclosed multiple threat advisories for users of VoIP services and equipment from Vonage, Globe7 and Grandstream. Among other threats, unwitting VoIP users face eavesdropping, spam, spoofing and denial-of-service (DoS) attacks. Full details on these vulnerabilities are posted as an educational security service to Sipera’s customers and the general public at http://www.sipera.com/viper.

Sipera VIPER Lab determined the Vonage VoIP Motorola Phone Adapter (VT 2142-VD) and Vonage service implementations leave users vulnerable to a form of VoIP identity theft, allowing hackers to take over a user’s phone service with a “registration replay attack,” then make and receive calls while impersonating the victim. Incomplete security practices, such as not encrypting traffic, open Vonage users to eavesdropping on private voice and video communications. Hackers can also send multiple SIP INVITE messages to a user, an Internet version of “ringing the phone off the hook” which creates a DoS attack. Leveraging these vulnerabilities, remote attackers can also send malicious messages directly to Vonage users, subjecting them to spam, social engineering and VoIP scams.

“These vulnerabilities create serious privacy and service availability issues for users,” said Krishna Kurapati, Sipera founder/CTO and head of Sipera VIPER Lab. “Vonage, Globe7 and Grandstream customers can no longer assume that their VoIP providers are automatically securing their services, but they should demand best security practices be followed as a condition of becoming a customer. Sipera VIPER Lab will continue to proactively identify VoIP threats and assist VoIP providers to implement best security practices before attacks occur.”

Sipera VIPER Lab also found issues with European provider Globe7’s online account access, as a result of utilizing unsecured connections and employing a weak encryption scheme. This allows hackers to access confidential name, password and account balance data, as well as steal VoIP service to make and receive calls, masked as a legitimate Globe7 user. Likewise, Sipera VIPER Lab established the Grandstream HandyTone-488 PSTN-to-VoIP adapter is vulnerable to buffer overflows and fragmented packet attacks. By sending a specially crafted SIP INVITE message to public IP addresses, attackers can disconnect legitimate Grandstream users.

Sipera VIPER Lab is comprised of experienced VoIP security researchers operating globally 24/7/365. Since its inception in 2003, Sipera VIPER Lab has identified thousands of vulnerabilities and security threats which include fuzzing, floods and distributed floods, spoofing, stealth attacks and spam. VIPER Lab research is used to continuously improve the Sipera IPCS products that protect, control and enable real-time unified communications for enterprises and service providers. Sipera VIPER Lab also recently launched a blog to discuss ongoing VoIP attacks and VoIP/UC vulnerabilities at http://www.sipera.com/viper/blog.

About Sipera Systems
Sipera Systems provides enterprises and service providers with comprehensive VoIP/UC security solutions that protect, control and enable real-time unified communications. The Sipera IPCS™ products combine VPN, Firewall/SBC, Intrusion Prevention, Anti-Spam, Compliance and Troubleshooting functionality for VoIP systems in a single device. This securely enables IP PBXs, VoIP remote users, SIP trunks, data/voice VLANs, hosted VoIP services and IMS or UMA-based networks. Comprised of top vulnerability research experts, the Sipera VIPER™ Lab concentrates its efforts towards identifying VoIP vulnerabilities, while Sipera LAVA™ tools verify networks’ readiness to resist attacks. Founded in 2003, and backed by Austin Ventures, DTEC, Sequoia Capital and Star Ventures, Sipera is headquartered in Richardson, TX. Visit http://www.sipera.com.

Sipera, Sipera logo, Sipera IPCS, Sipera IPCS 210, Sipera IPCS 310, Sipera IPCS 410, Sipera IPCS 510, Sipera IPCS 520, Sipera LAVA and Sipera VIPER are trademarks of Sipera Systems, Inc. All other companies and products listed herein are trademarks or registered trademarks of their respective holders.

Media Contacts:

Larry Bouchie, KMC Partners Public Relations, 617-758-4192, larry@kmcpartners.com

Brendan Ziolo, Sipera Systems, 214-606-1080, bziolo@sipera.com

« back to press releases

Unified Communications Unleashed
Sipera Systems is the worldwide market leader in solutions for the rapid and simple adoption of Unified Communications (UC). Thousands of users around the globe rely on Sipera to secure VoIP, IP video, collaboration, messaging and dozens of other high-performance applications. Sipera’s groundbreaking “Borderless UC” enables controlled communications to any device in any location.

Years of UC Security experience is contained in Sipera unified communications (UC-Sec) products. These appliances benefit from the research conducted by Sipera VIPER Lab to provide comprehensive threat protection, policy enforcement, access control, and privacy in a single, real-time appliance.