Ransomware Gang Hacks VoIP for Initial Access

13-Sep-22

Researchers have discovered that threat actors broke into a victim’s corporate network by using a common VoIP appliance’s flaw. The anonymous organisation was affected by the Lorenz ransomware strain, according to a team at Arctic Wolf.

The gang reportedly used the remote code execution bug CVE-2022-29499 to target the Mitel Service Appliance component of MiVoice Connect in order to gain a reverse shell. The hackers then shifted into the network using the free source TCP tunnelling application Chisel. Read More…