Slashdot Mirror
Telus Puts A Stop To 'Modem Hijacking'
TheIonix writes "Telus, a major telco in Canada, decided to block long distance direct-dialed calls to four countries to help reduce dial-up 'modem hijacking'. The article explains: 'When the [dial-up] user downloads [certain malware programs], the downloaded file accesses software on their computer and causes the modem to dial phone numbers in foreign countries, resulting in long distance charges.' 4 countries were targeted: Guinea-Bissau, Guyana, Nauru and Sao Tome. It is still possible to call to those countries with the operator assistance and the fees are waived. Now let's see if this nice idea will be followed by others."
Commonly, the way that these international calling scams work is that the monopoly carrier of the foriegn country charges obscenely high rates by most standards, and then the malware writer leases lines close to the point of entry so that the carrier doesn't have to do much work once the call enters their system. The malware writer is then given a piece of the international call toll for attracting the business.
In short, the phone companies in these developing nations are usually in on the scheme and profit just as much as the malware operators do from the increased call volume. They have no interest in stopping calls that way.
I wouldn't be opposed to giving such companies an international telecom death penality of simply not routing calls their way. If the only phone operator in a country can't properly keep scam artists out of their network, and furthermore aids such scam artists, that country really doesn't have much of a phone system to begin with... an electronic embargo might get the government there to get a clue.
Granted auto dialers to these countries will no longer function, but I suppose the loss of the one customer who regularly dials Guinea-Bissau, Guyana, Nauru and/or Sao Tome in Canada vs. the gazillions of mad people for bum phone bills weighs itself out. However let's see them try this with a bigger country having auto dial issues as well (Thailand, Vietnam and former Russian republics come to mind). A step in the right direction, but not hardly a full solution.
...in bed
Telus needed to do something, I know from experience that this is a serious problem. 16 dollars for some call to africa i never placed, I had no idea about this stuff, fortunately Linux is immune to these things. Here's an idea: Don't hook up the phone line to the computer unless you plan on going online. That way if one of those stupid dialers fire up, its evil plan will get foiled.
Why not just have a system that speaks some digits and waits for you to punch them back in for verification? I doubt this software is going to figure out the drivers for your voice modem and do speech recognition.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I'm glad Nigeria isn't being blocked, I have to contact Dr. Mbugo Mbongo to see how my wire transfer went.
Trolling is a art,
It only affects their customers, and only with malware dialing to four specific countries.
With that kind of sensationalist headline, you'd think they released a benevolent worm that safeguards against hijacking.
Seriously, is following the money, reversing the charges and putting the people responsible behind bars all that difficult?
Operator: How may I direct your call?
Customer: Squeeechhllcshhsh
Operator: You want to be connected to Guinea-Bissau?
Customer: Squeeeeelch
Operator: One moment while I connect you.
See, it won't help. :)
Telus's CallGate service costs $3.95 (Canadian, of course) and gives the option configure it to block 1-900 calls, toll calls, a list of 25 specific numbers or such.
It's interesting that they're asking people to pay to be not able to dial given numbers. You'd think a hardware device on the user's side could provide the same functionality for less...
make the programs dial different countries. simple.
then the telcos will block those countries...
until we need operator assistance to dial anything!
(extreme)
Yeah, right, when you try to send out an email from Nigeria, you would have to call a transcriber and dictate the email??
"Please type most happily in capital letters."
That was the turning point of my life--I went from negative zero to positive zero.
telia, the major telecom company here have created software (free to download from their site) for ms windows that blocks mode hijacking attempts.
Seems like this problem may soon be eliminated by obsolescence.
For one, do you really think they were giving people refunds for these charges? Maybe Canada has some consumer protection laws or something, but from my dealings with scummy utility companies in the US, I know I'd pay every penny for a hijacked modem.
Then on top of that, this seems such a small fix. What happens when the new virus out sets it up to call, say, Russia or China. Can't exactly block those countries. Yes yes I didn't RTFA so I'm not sure if these countries have significance more than I know...
How bout they focus on educating the public about malware instead?
It seems to me a dialog box generated by the OS when an application tries to access the serial port would go a long way towards preventing this. I mean, doesn't this whole scam rely on the modem dialing out without the user knowing?
People's desire to believe they are right is much stronger than their desire to be right.
Risking a plunge from the Offtopic cliff, I wouldn't call paying taxes a good thing. It's more like a necessary evil that is abused by government at every chance.
"In this particular case it doesn't seem to me to actually be the government doing this anyway."
Indeed, I posted the correction as AC.
"Ask not what your country can do for you." --John F. Kennedy
I live locally to telus and one of the local television stations reported on this and said that cable modems and ADSL modems where also affected. They failed to mention anything about needing a phone modem connected to a phone line for this to affect the cable and ADSL modems. One way to create more excitement!!
I thought that any act by government restricting our freedom, no matter how benevolent their intent, was a bad thing.
Telus is a telco, not the government.
How bout they focus on educating the public about malware instead?
Have you ever tried educating the public about anything?
Remember last week, when CERT recommended MSIE users consider switching browsers, and MSIE usage fell to under 10%? It didn't happen quite that way, now did it?
Remember, this is the same public that buys RIAA music, believes they'll go to hell if they "sin", and trust voting machines because they're convenient.
E.g. who in their right mind accepts credit card orders from Romania, Russia or Indonesia when it is well known that the vast majority of those card numbers are stolen?
But I think that what is right now simply a major annoyance to on-line vendors and users (spam, phishing, etc.), will eventually backfire at the countries that are unable (or more likely do not care to) to control Internet fraud of various kind sas they become more and more blacklisted and left out of the Internet economy. This will eventually force their governments to pay attention to the issue. I bet already it is pretty frustrating to be an Internet user in one of such countries and know that most vendors on the internet will not accept any payment from you simply because of your country of origin...
Most of these international telecom LD companies use voip, and the gateway will negotiate to the right codec depending on whether its a data or voice call. Have the carrier detect whether its a voice call or data call and drop on the results.
Have you ever been to a turkish prison?
1) Telus is a publicly traded company, not a government agency
2) This does not restrict your freedom in any way. You can still call Nauru etc, just not without opeator assistance.
A consumer protest broke out about this in Denmark some time ago. The first IP adresses encountered when dialled in were in.....London. The operators charge the long distance call, but your phonecall actually never reaches the country of destination. The blocking described is now standard for all Danish telco's.
10 ?"Hello World" life was simple then
amazing. I never thought anything would do that on my toshiba laptop running linux. It was hard enough setting up any kind of dialling on the linmodem, if those scripts would have set up my modem for me and dialed a number, I would have gladly paid for it :)
How many of those monopoly phone companies are government monopolies? "Posts and Telecoms" remains within the government in many places.
-- Slashdot: When Public Access TV Says "No"
I am sad to say that I was caught by one of these auto-dialers about 7 years ago. I was looking for porn (in 8th grade, I think) and saw one of these "free porn" dialers. Anyway, I heard it dial and everything -- but I didn't think it was international. Anyway -- I was stupid and actually stopped looking at porn after maybe 5 minutes, and stayed on the line, browsing, for an hour. The call cost my parents $500. My mom got the bill and immediately called to complain and AT&T said it was a pornographic number, so they nailed me. Anyway, my mom complained to the company that I was just a supid kid, and they waived the fee. So, my mom, who was about to pay this $400 was so happy that she got it waived that she bought me a digital camcorder ($800) for Christmas (which was about a week away). Who said porn never pays?
I think my principles are reachin' an all time low
...with the dialer company (the telco in the foreign country, that is) - otherwise the dialer company would not make any money! The only way that the scam can work is that the foreign telco passes on some of the call revenue to the dialer company. Having said that, in some countries the home telco should also be held responsible - for example, here in Ireland the monopoly telco has specifically put all of the 'dialer countries' into a special band, for which they charge 360c/min, *three times* what they charge for the next band down (122c for 'rest of Pacific Rim'). As such, they make substantially more than the dialer companies themselves out of these scams (which doesn't motivate them to fix the problem.)
I think generally it's not that the phone company is in cahoots with the dialer company, it's just that they don't bother to regulate it or their government hasn't passed laws officially banning the practice.
Implement free highspeed internet for all of your country! Then people can't use the excuse it costs too much!
Gorkman
According the to end of this story, British Telecom are going to start doing the same thing too.
(three ascending tones) Message 5972 - The country you are trying to reach has been disconnected.
paintball
This is something that has been going on for a while now. I remember this happening when I was in middle school and when my dad got wind of this trick he kept panicking thinking that I would download some malware. I never had an issue with this and the only one who was likely to do something like this was my mother. She used to want to download that purple monkey thing and it took me a couple months to convince her not to do that anymore and finally I just got sick of having to fight all the stuff she downloaded and reformated her computer. Since then she has not downloaded random things.
>>
Remember last week, when CERT recommended MSIE users consider switching browsers, and MSIE usage fell to under 10%? It didn't happen quite that way, now did it?
CERT publishing a security notice is nowhere near "educating the public".
No one apart from geeks has heard of CERT or sees their notices. Say "CERT" to someone and they'll assume you're talking about an antacid tablet.
It's typical of some people employed by or enamored of a technical specialty to blame the "public" for not being as specialized as they are.
Besides, if someone wants to start educating the public, I'd rather they begin with things like using a turn signal.
-- Slashdot: When Public Access TV Says "No"
Usually, these scams involve some marginal "billing service" provider. Integretel, eBillit, Payment One, and Verity International are some of the names that come up.
Offer a free international call blocker to all subscribers and allow them to block out all the countries they are reasonably sure they would never call. When you try to call a foreign country that's blocked, a recorded message gives instructions on the procedure for removing the block.
That was the turning point of my life--I went from negative zero to positive zero.
Telus is not doing this to protect its customers, it's doing it to protect is own bottom-line. I would imagine that the vast majority of people caught by the modem high jacking scam refuse to pay their bills. They call and complaint, Telus backs down, and it is stuck holding the bag.
This strategy ensures that Telus is never stuck again, plus, it gives them good PR because it appears that it is looking out for its customers. Yeah right.
If someone says he and his monkey have nothing to hide, they almost certainly do.
The CERT bulletin he's referring to was published in the Washington Post actually.
Photos.
That's very stupid. They should go after your friend and people who make money from others. You can bet some poor sucker got paid $50 or less to write the dialer if they even got paid. Once it's made, you have it, just change the number it dials.
It's the telco's and the porn companies that need to be held accountable since they are the ones distributing and profiting from this computer hijacking. They could possibly face jail time for that if they are in the US. Not sure, but it seems there are stricter laws all the time.
Writing a dialer is pathetically easy. Even from a simple DOS prompt, one liner
echo "atdt 1-123-456-7890" > com1:
This is once step BELOW spammers in my opinion, and your using the same pathetic excuses they do. People shouldn't make it so easy to do. Spam at least is only for idiots. Your taking control of computers and waiting until people won't notice.
It's not email software or dialer software that is the problem. It's the scum who take these useful tools and use them to try to rip people off.
I apologize for posting anonymously, but I'm under non-disclosure on this. I work in the security department of a major long distance provider. Telus's blocks are a good try, but they won't stop the problem. They will put a small dent in it, though.
First of all, it's more than those four countries, although that's about half of the most common ones we've been seeing lately. At the very least, they should have added Diego Garcia, Tuvalu, and Tokelau to the list. But almost every really small, really poor country telco goes in for this kind of thing sooner or later, and at one point so did one of the UK telcos and (oddly enough) so did one of the Canadian telcos.
Do not assume that there has to be a modem on the other side. Your modem doesn't have to sync for you to get charged, it just has to stay dialed into that number long enough for the "first minute" charge to take effect.
The billers keep insisting that everybody who gets billed for these calls has agreed in advance to do so. At least some of them are lying about this. We have seen cases where we're absolutely sure that unlabeled trojans were to blame, including one that sets the user's computer to do so at least once a day for up to a couple of hours when they're not using it.
There are only two completely reliable defenses against this. The only completely reliable was is to never, ever, ever plug an analog phone line into your computer. (I had one customer insist that it couldn't have happened to them, they used broadband. But they had a fax modem card, and the dialer detected and used that.) That's not practical for most people, so instead call your local phone company and ask for a total block on directly dialed international calls. Most companies offer this as a free service. Also make absolutely sure, if you never intend to charge premium services to your phone bill, that you tell this to your local and long distance phone companies; having that note in the records on your account will help their security people know to block the calls more quickly when they get by and may, the first time, help you get the charges removed from your bill.
You can ask your long distance provider to block international directly dialed calls, too, but that'll only help if you get that block from every long distance provider in your country, and in the US that could take you weeks of research because there are so many. But if you're in the US and you don't block every long distance provider, all the dialer authors have to do is preface the modem string with 10-10 and the three-digit carrier code to temporarily switch your long distance provider. That's why it's going to be a lot more reliable if you do it through your local phone company, if they offer the blocking feature you need.
After you've blocked the feature, if you absolutely have to make a directly dialed international call, call your local company and your long distance company, remove the block, wait for it, make the call, and then call them back and restore the block.
US long distance companies aren't blocking whole countries for this because US law won't let them. Telcos are required to deliver every call that you want them to. This means that while we can temporarily stop your service until we can ask you "did you really want to make that call?," we can't pre-emptively stop you from calling poisonous numbers like this because we can't prove that nobody wants to call them. On the contrary, probably about 1 out of ever 20 customers that I speak to about this really did use the dialer on purpose and they intend to pay for the call. (About 3/4 of the callers, though, had it happen because somebody who didn't have their permission to charge long distance calls was sitting at the computer surfing porn or using paid gambling sites without the owner's knowledge. Frequently, it's their kids.)
My employer doesn't want me to tell you this because it is their opinion that every time we reveal anything about what we know about this scam (or any other),
Say "CERT" to someone and they'll assume you're talking about an antacid tablet.
;-)
I can't stand the rampant ignorance about common pallatives! Certs are breath mints, not antacids, you ignoramus!
I swear, people just don't even pay attention in the supermarket anymore. When will we have a serious effort to educate people about the proper uses of common products? This is how children end up in the hospital from Tums overdoses....
Don't you wish your girlfriend was a geek like me?
The problem with going after the producers and distributors of the dialer software is that it ends up being whack-a-mole. Any scam artist worth their salt is perfectly capable of shutting down one scam under legal pressure and opening a new one. Going after the telcos is much easier, even if the dialer agents are more culpable.
That's not true. Telus has had long distance competition since 1992 and local competition since 1997.
-- SYS 64738 --
KDDI in Japan did this years ago.