How mobile spammers verify the validity of harvested phone numbers

Posted: 28/02/2013 in Uncategorized

source

Have you ever received a blank call, and no one was on the other side of the line? What about a similar blank SMS received through your mobile carrier’s Mail2SMS gateway? There’s a high probability that it was a mobile spammer who’s automatically and efficiently verifying the validity of a recently harvested database of mobile numbers, with QA (Quality Assurance) in mind. These verified databases will be later on used as the foundation for a highly successfulspam/scam/malicious software disseminating campaigns, thanks to the fact that the cybercriminals behind them will no longer be shooting into the dark. How do they do that? What kind of tools do they use?

Let’s find out by profiling a Russian DIY (do it yourself) software vendor, that’s been operating since 2011, and is currently offering a Session Initiation Protocol (SIP) based phone number verification tool, as well as USB-modem based phone number verification application.

More details:

 

Sample screenshot of the DIY mobile number verification tool:

Mobile_Spam_Number_Verification_USB_Modem

The first version of the tool will basically take advantage of a single USB modem, and will automatically attempt to “blank call” a given list of phone numbers, successfully differentiating between a “free line”, “busy line” and “non-existent number” type of results. In order to speed up the process, the second version of the tool allows the use of multiple USB modems to achieve the same objective.

Sample screenshot of the second version of the DIY mobile number verification tool:

Mobile_Spam_Number_Verification_USB_Modem_01

Sample screenshot of the log file of the DIY mobile number verification tool:

Mobile_Spam_Number_Verification_USB_Modem_02

The tool is configured in such a way that every verification attempt costs virtually nothing to the spammer using it.

However, things have greatly changed over the last couple of years, largely thanks to the rise of SIP based communiations, allowing cybercriminals an easy access to much more efficient phone flood, or phone number verification options. Naturally, the vendor behind the original USB modem number verification tool, adapted to this emerging market trend, and is currently offering both, a SIP based phone ring flooding utility, as well as a SIP based mobile number verification tool.

Sample screenshot of the SIP based mobile number verification tool:

Mobile_Spam_Number_Verification_USB_Modem_SIP

As you can see in the attached screenshot, the tool has already managed to verify 10 phone numbers, with 56 more pending verification. Let’s take a peek at the configuration settings.

Sample screenshot of the configuration settings for the DIY SIP based phone number verification tool:

Mobile_Spam_Number_Verification_USB_Modem_SIP_01

The tool allows a potential spammer to manually set up the configuration for the server, or let the tool do the configuration for him, next to setting up intervals and multiple accounts at the SIP server.

Second screenshot of the configuration settings for the SIP based phone number verification tool:

Mobile_Spam_Number_Verification_USB_Modem_SIP_02

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s