Details of how a Miami man allegedly earned a million dollars by defrauding Voice over IP providers have been leaked by prosecutors.
The scheme was a doddle and a bit of a wakeup call for VoIP providers.
Edwin Andres Pena found the prefixes that Internet phone companies use to identify calls that are allowed to be routed over their network. He did this by 'slamming' Internet phone networks with thousands of test calls using different variants of prefixes.
With a mate, he looked for vulnerable ports and routers in companies and hacked into the network to get administrator names and passwords.
Apparently, he conducted six million scans of AT&T's worldwide network alone from June to October of 2005.
Using this information, Pena reprogrammed the routers to allow the routers to handle VoIP calls, and to disguise the true source of the traffic.
He then sold phone call minutes under a discounted rate and routed his customer's calls to the companies network via the routers he had hacked.