modem hijacking or internet dumping

Discussion in 'Computer Security' started by spviking, Aug 29, 2006.

  1. spviking

    spviking Guest

    Hi, Can modem hijacking happen to someone who uses broadband (not dsl)
    and doesnt have a phone line hooked up to their computer? I am a little
    new to the topic, any help would be appreciated.
     
    spviking, Aug 29, 2006
    #1
    1. Advertising

  2. David H. Lipman, Aug 29, 2006
    #2
    1. Advertising

  3. spviking

    Rick Merrill Guest

    David H. Lipman wrote:

    > From: "spviking" <>
    >
    > | Hi, Can modem hijacking happen to someone who uses broadband (not dsl)
    > | and doesnt have a phone line hooked up to their computer? I am a little
    > | new to the topic, any help would be appreciated.
    >
    > Plaese elaboarte on what what you are trying to ask.
    >


    I thought the OP was talking about downloading programs that then try to
    place calls via your phone, i.e. highjacking the modem.
     
    Rick Merrill, Aug 29, 2006
    #3
  4. From: "Rick Merrill" <>

    | David H. Lipman wrote:
    |
    >> From: "spviking" <>
    >>

    |>> Hi, Can modem hijacking happen to someone who uses broadband (not dsl)
    |>> and doesnt have a phone line hooked up to their computer? I am a little
    |>> new to the topic, any help would be appreciated.
    >>
    >> Plaese elaboarte on what what you are trying to ask.
    >>

    | I thought the OP was talking about downloading programs that then try to
    | place calls via your phone, i.e. highjacking the modem.

    Maybe. But I thought it was unclear and I wanted to be sure before posting an answer.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
     
    David H. Lipman, Aug 30, 2006
    #4
  5. spviking

    Moe Trin Guest

    On Tue, 29 Aug 2006, in the Usenet newsgroup alt.computer.security, in article
    <>, Rick Merrill wrote:

    >David H. Lipman wrote:
    >
    >> From: "spviking" <>
    >>
    >>| Hi, Can modem hijacking happen to someone who uses broadband (not dsl)
    >>| and doesnt have a phone line hooked up to their computer? I am a little
    >>| new to the topic, any help would be appreciated.
    >>
    >> Plaese elaboarte on what what you are trying to ask.

    >
    >I thought the OP was talking about downloading programs that then try to
    >place calls via your phone, i.e. highjacking the modem.


    My interpretation was that the O/P was concerned about those wonky add-on
    "tools" needed to connect to some web sites - that turn out to be mal-ware
    that reconfigures the windoze Dial Up Networking setup to replace the
    existing (presumably "local") phone number with one in Central Africa (or
    some other "friendly" region) and suddenly the dial in to the ISP isn't
    a local call any more, and the telephone bill is running $LARGE_NUMBER
    of $CURRENCY_UNITS per second.

    Where this _MIGHT_ impact a broadband user without a telephone line and
    appropriate modem is if the "tool" reconfigures the networking setup,
    trying to disable the broadband connection so that the system _has_ to
    use the dialin to the foreign country. Not very likely, but possible.
    The mal-ware actually should trivially detect that this is a broadband
    connection (rather than dialin), and there are much better things it can
    be subverted for.

    What would be FAR more likely is the installed mal-ware converts this
    broadband connected system into a support zombie - serving pr0n or SPAM
    to the world at no cost or risk to the bad-guy. If something goes wrong,
    the O/P takes the heat, and the bad-guy can't be found. What's new?

    To the O/P: The mal-ware is going to go for the broadband connection (DSL
    or Cable - doesn't matter) for the same reason you converted to broadband.
    Bandwidth. Do you remember how long it took to bring up a single full
    screen image from someplace on the net over a telephone line? With cable,
    it comes up just like that! Now, think of the poor spammer trying to
    deliver that marvelous offer of p*n*s ex**nder pills to every household in
    Ohio using that same dialin line. Don't you think the spammer would rather
    use your high speed connection to do the same task, especially when there
    is no cost to the spammer, and you're the one people want to lynch?

    Old guy
     
    Moe Trin, Aug 30, 2006
    #5
  6. From: "Moe Trin" <>

    | On Tue, 29 Aug 2006, in the Usenet newsgroup alt.computer.security, in article
    | <>, Rick Merrill wrote:
    |
    >> David H. Lipman wrote:
    >>
    >>> From: "spviking" <>
    >>>

    >>|> Hi, Can modem hijacking happen to someone who uses broadband (not dsl)
    >>|> and doesnt have a phone line hooked up to their computer? I am a little
    >>|> new to the topic, any help would be appreciated.
    >>>
    >>> Plaese elaboarte on what what you are trying to ask.

    >>
    >> I thought the OP was talking about downloading programs that then try to
    >> place calls via your phone, i.e. highjacking the modem.

    |
    | My interpretation was that the O/P was concerned about those wonky add-on
    | "tools" needed to connect to some web sites - that turn out to be mal-ware
    | that reconfigures the windoze Dial Up Networking setup to replace the
    | existing (presumably "local") phone number with one in Central Africa (or
    | some other "friendly" region) and suddenly the dial in to the ISP isn't
    | a local call any more, and the telephone bill is running $LARGE_NUMBER
    | of $CURRENCY_UNITS per second.
    |
    | Where this _MIGHT_ impact a broadband user without a telephone line and
    | appropriate modem is if the "tool" reconfigures the networking setup,
    | trying to disable the broadband connection so that the system _has_ to
    | use the dialin to the foreign country. Not very likely, but possible.
    | The mal-ware actually should trivially detect that this is a broadband
    | connection (rather than dialin), and there are much better things it can
    | be subverted for.
    |
    | What would be FAR more likely is the installed mal-ware converts this
    | broadband connected system into a support zombie - serving pr0n or SPAM
    | to the world at no cost or risk to the bad-guy. If something goes wrong,
    | the O/P takes the heat, and the bad-guy can't be found. What's new?
    |
    | To the O/P: The mal-ware is going to go for the broadband connection (DSL
    | or Cable - doesn't matter) for the same reason you converted to broadband.
    | Bandwidth. Do you remember how long it took to bring up a single full
    | screen image from someplace on the net over a telephone line? With cable,
    | it comes up just like that! Now, think of the poor spammer trying to
    | deliver that marvelous offer of p*n*s ex**nder pills to every household in
    | Ohio using that same dialin line. Don't you think the spammer would rather
    | use your high speed connection to do the same task, especially when there
    | is no cost to the spammer, and you're the one people want to lynch?
    |
    | Old guy

    Malware doesn't care what Internet connectivity you have. It just want's to launch its
    payload which is often Internet related.

    It is just that connection to Broadband increases the cahnce of being infected.

    Malware will happily infect a DUN connected PC.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
     
    David H. Lipman, Aug 31, 2006
    #6
  7. spviking

    spviking Guest

    Yes Moe trin is correct this is what I was referring to. My Cousin uses
    Time Warner's Road Runner here in New York and he got his recent
    Verizon phone bill and found 600 dollars worth of calls to Cameroon,
    Austria and Madagascar. The phone company told him it was likely modem
    hijacking (what Moe Trin described). My cousin does not have his phone
    line plugged into his computer at all and we cant figure out how this
    malware could have effectively charged his phone bill. Sorry I was so
    vague initially.

    Thanks again!


    David H. Lipman wrote:
    > From: "Moe Trin" <>
    >
    > | On Tue, 29 Aug 2006, in the Usenet newsgroup alt.computer.security, in article
    > | <>, Rick Merrill wrote:
    > |
    > >> David H. Lipman wrote:
    > >>
    > >>> From: "spviking" <>
    > >>>
    > >>|> Hi, Can modem hijacking happen to someone who uses broadband (not dsl)
    > >>|> and doesnt have a phone line hooked up to their computer? I am a little
    > >>|> new to the topic, any help would be appreciated.
    > >>>
    > >>> Plaese elaboarte on what what you are trying to ask.
    > >>
    > >> I thought the OP was talking about downloading programs that then try to
    > >> place calls via your phone, i.e. highjacking the modem.

    > |
    > | My interpretation was that the O/P was concerned about those wonky add-on
    > | "tools" needed to connect to some web sites - that turn out to be mal-ware
    > | that reconfigures the windoze Dial Up Networking setup to replace the
    > | existing (presumably "local") phone number with one in Central Africa (or
    > | some other "friendly" region) and suddenly the dial in to the ISP isn't
    > | a local call any more, and the telephone bill is running $LARGE_NUMBER
    > | of $CURRENCY_UNITS per second.
    > |
    > | Where this _MIGHT_ impact a broadband user without a telephone line and
    > | appropriate modem is if the "tool" reconfigures the networking setup,
    > | trying to disable the broadband connection so that the system _has_ to
    > | use the dialin to the foreign country. Not very likely, but possible.
    > | The mal-ware actually should trivially detect that this is a broadband
    > | connection (rather than dialin), and there are much better things it can
    > | be subverted for.
    > |
    > | What would be FAR more likely is the installed mal-ware converts this
    > | broadband connected system into a support zombie - serving pr0n or SPAM
    > | to the world at no cost or risk to the bad-guy. If something goes wrong,
    > | the O/P takes the heat, and the bad-guy can't be found. What's new?
    > |
    > | To the O/P: The mal-ware is going to go for the broadband connection (DSL
    > | or Cable - doesn't matter) for the same reason you converted to broadband.
    > | Bandwidth. Do you remember how long it took to bring up a single full
    > | screen image from someplace on the net over a telephone line? With cable,
    > | it comes up just like that! Now, think of the poor spammer trying to
    > | deliver that marvelous offer of p*n*s ex**nder pills to every household in
    > | Ohio using that same dialin line. Don't you think the spammer would rather
    > | use your high speed connection to do the same task, especially when there
    > | is no cost to the spammer, and you're the one people want to lynch?
    > |
    > | Old guy
    >
    > Malware doesn't care what Internet connectivity you have. It just want's to launch its
    > payload which is often Internet related.
    >
    > It is just that connection to Broadband increases the cahnce of being infected.
    >
    > Malware will happily infect a DUN connected PC.
    >
    > --
    > Dave
    > http://www.claymania.com/removal-trojan-adware.html
    > http://www.ik-cs.com/got-a-virus.htm
     
    spviking, Aug 31, 2006
    #7
  8. From: "spviking" <>

    | Yes Moe trin is correct this is what I was referring to. My Cousin uses
    | Time Warner's Road Runner here in New York and he got his recent
    | Verizon phone bill and found 600 dollars worth of calls to Cameroon,
    | Austria and Madagascar. The phone company told him it was likely modem
    | hijacking (what Moe Trin described). My cousin does not have his phone
    | line plugged into his computer at all and we cant figure out how this
    | malware could have effectively charged his phone bill. Sorry I was so
    | vague initially.
    |
    | Thanks again!
    |

    Yes. There are Trojan Dialers out there that when installed on a computer will place 900 or
    "off shore" phone calls to pay for services that can cost $40.00 US per phone call and make
    numerous phone calls.

    The term "modem hijacking" is non-standard.
    Trojan Dialers is the terminology. Those that call 900 number porn content are known as
    Porn Dialers.

    Now in relation to your original post. Once infected by a Dialer it doesn't make a
    difference if you are on Broadband or a Dial-Up (DUN) connection. However if you use DUN,
    it will own dial out when you are not using the DUN connection. If you are on Broadband you
    would need a traditional Plain Old Telephone System (POTS) modem (such as a FAX/modem).
    Cable modems and DSL modems are not traditional modems and can't make telephobne calls.

    Good article on Dialers.
    http://anti-spyware-review.toptenreviews.com/spyware/trojan-horse-dialers.html

    Now if a computer with Broadband has no POTS modem or it has one and NO telephone line is
    connected to the modem then a Trojan Dialer is a Red Herring and look to people using the
    telephone and not at malware on the PC.

    HTH

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
     
    David H. Lipman, Aug 31, 2006
    #8
  9. spviking

    Inquirer Guest

    On Wed, 30 Aug 2006 14:50:30 -0500,
    (Moe Trin) wrote:
    [excerpts]
    >What would be FAR more likely is the installed mal-ware converts this
    >broadband connected system into a support zombie - serving pr0n or SPAM
    >to the world at no cost or risk to the bad-guy.


    Obviously, from the context, 'pr0n' refers to p-orn-ography. What is
    the rationale/explanation behind using this corrupted form.

    Could it be because the correctly-spelled terms are picked-up by
    filters?

    > Now, think of the poor spammer trying to
    >deliver that marvelous offer of p*n*s ex**nder pills to every household in


    If the reason for omitting the obvious letters is anything more than
    simply bypassing filters, let me suggest that one could be more
    delicate- if not somewhat witty as well- by simply subsituting
    something like, "male enhancement pills".
    --
    Email address invalid. Please reply to group. Thank you.
     
    Inquirer, Aug 31, 2006
    #9
  10. spviking

    Todd H. Guest

    Inquirer <> writes:
    > On Wed, 30 Aug 2006 14:50:30 -0500,
    > (Moe Trin) wrote:
    > [excerpts]
    > >What would be FAR more likely is the installed mal-ware converts this
    > >broadband connected system into a support zombie - serving pr0n or SPAM
    > >to the world at no cost or risk to the bad-guy.

    >
    > Obviously, from the context, 'pr0n' refers to p-orn-ography. What is
    > the rationale/explanation behind using this corrupted form.
    >
    > Could it be because the correctly-spelled terms are picked-up by
    > filters?


    http://en.wikipedia.org/wiki/Leet#Pr0n



    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Aug 31, 2006
    #10
  11. spviking

    Rick Merrill Guest

    David H. Lipman wrote:

    > From: "spviking" <>
    >
    > | Yes Moe trin is correct this is what I was referring to. My Cousin uses
    > | Time Warner's Road Runner here in New York and he got his recent
    > | Verizon phone bill and found 600 dollars worth of calls to Cameroon,
    > | Austria and Madagascar. The phone company told him it was likely modem
    > | hijacking (what Moe Trin described). My cousin does not have his phone
    > | line plugged into his computer at all and we cant figure out how this
    > | malware could have effectively charged his phone bill. Sorry I was so
    > | vague initially.
    > |
    > | Thanks again!
    > |
    >
    > Yes. There are Trojan Dialers out there that when installed on a computer will place 900 or
    > "off shore" phone calls to pay for services that can cost $40.00 US per phone call and make
    > numerous phone calls.
    >
    > The term "modem hijacking" is non-standard.
    > Trojan Dialers is the terminology. Those that call 900 number porn content are known as
    > Porn Dialers.
    >
    > Now in relation to your original post. Once infected by a Dialer it doesn't make a
    > difference if you are on Broadband or a Dial-Up (DUN) connection. However if you use DUN,
    > it will own dial out when you are not using the DUN connection. If you are on Broadband you
    > would need a traditional Plain Old Telephone System (POTS) modem (such as a FAX/modem).
    > Cable modems and DSL modems are not traditional modems and can't make telephobne calls.
    >
    > Good article on Dialers.
    > http://anti-spyware-review.toptenreviews.com/spyware/trojan-horse-dialers.html
    >
    > Now if a computer with Broadband has no POTS modem or it has one and NO telephone line is
    > connected to the modem then a Trojan Dialer is a Red Herring and look to people using the
    > telephone and not at malware on the PC.
    >
    > HTH
    >


    Are there Trojan dialers that have hijacked VoIP on a computer?
     
    Rick Merrill, Aug 31, 2006
    #11
  12. spviking

    Moe Trin Guest

    On 30 Aug 2006, in the Usenet newsgroup alt.computer.security, in article
    <>, spviking wrote:

    >Yes Moe trin is correct this is what I was referring to. My Cousin uses
    >Time Warner's Road Runner here in New York and he got his recent
    >Verizon phone bill and found 600 dollars worth of calls to Cameroon,
    >Austria and Madagascar.


    Let's stop here for a moment. Is this cable-modem? Your original post
    said "someone who uses broadband (not dsl)", and unless you are somehow
    using RR to also do the long distance telephone service, or VoIP, and there
    is no telephone line connected to the computer, then Verizon should not be
    involved.

    >The phone company told him it was likely modem hijacking (what Moe Trin
    >described). My cousin does not have his phone line plugged into his
    >computer at all and we cant figure out how this malware could have
    >effectively charged his phone bill.


    Verizon appears to be assuming that you have a modem and telephone line
    connected to it. If this is not the case, contest to charges, and
    contact the state public utilities commission (or what-ever state
    agency regulates the telephone companies).

    Could this have been someone (perhaps a child) calling a 1-900 or 1-976
    number?

    Old guy
     
    Moe Trin, Aug 31, 2006
    #12
  13. David H. Lipman, Aug 31, 2006
    #13
  14. spviking

    Moe Trin Guest

    On Thu, 31 Aug 2006in the Usenet newsgroup alt.computer.security, in article
    <9eIJg.5668$N84.4831@trnddc08>, David H. Lipman wrote:

    >From: "Rick Merrill" <>


    >| Are there Trojan dialers that have hijacked VoIP on a computer?
    >
    >Good question.
    >
    >To date, I have not heard any malware using VoIP capabilities in
    >exploitation or as a payload.


    This doesn't smell right. The internet connection the O/P is talking
    about is from Road Runner. Why would Verizon be involved? Further, in
    the unusual circumstance that Verizon does offer VoIP to Road Runner
    customers, wouldn't this appear as a separate billable item on the
    Verizon bill?

    >I will have to ask around to some peers...


    I don't see why hijacking couldn't take place - but the VoIP billing
    should come from the VoIP provider, which I would expect to be the
    ISP used in this case.

    Old guy
     
    Moe Trin, Sep 1, 2006
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. ringo
    Replies:
    5
    Views:
    1,283
    ringo
    Dec 13, 2004
  2. Replies:
    3
    Views:
    858
    no way
    Aug 2, 2004
  3. johnsutherland

    dumping my internet connection

    johnsutherland, May 22, 2005, in forum: Computer Support
    Replies:
    71
    Views:
    1,540
    ellis_jay
    Jun 2, 2005
  4. Toni from T.O.

    Modem hijacking/internet dumping

    Toni from T.O., Nov 2, 2005, in forum: Computer Security
    Replies:
    14
    Views:
    1,060
    Moe Trin
    Nov 5, 2005
  5. Toni from T.O.

    Update on Modem hijacking/internet dumping

    Toni from T.O., Nov 24, 2005, in forum: Computer Security
    Replies:
    9
    Views:
    647
    Moe Trin
    Nov 26, 2005
Loading...

Share This Page