I was dispatched to a customer who had their BCM50 hacked. I looked at the CDR logs and found they were using the Link Transfer out of the voicemail system. I ran a Mailbox Information report but didn't find anything out of the ordinary. I searched all 11 mailboxes and only one had outbound transfer enabled, and it was to a local number.
I checked the only active CCR tree and the only option in use was to send the caller to a specific mailbox.
Got me stumped... Below is a tidbit of the CDR. You'll notice the "L" and then an international number with a duration of 25 seconds. However, the call lasted a good 15 minutes. This is because once the link transfer was initiated and transferred successfully, the trunk was dropped from the BCM.
Any ideas? Is there a new hacking method I may not know about? Been doing this work for a long time, and I normally can find where the hacking occurred.
-------- 01/14/12 15:16:24 LINE = 0064 STN = 393
BC = SPEECH
00:00:00 INCOMING CALL RINGING 0:00
00:00:14 DIGITS DIALED L
DIGITS DIALED 011xxx3734682
00:00:25 CALL RELEASED
Thanks..
--DB
I checked the only active CCR tree and the only option in use was to send the caller to a specific mailbox.
Got me stumped... Below is a tidbit of the CDR. You'll notice the "L" and then an international number with a duration of 25 seconds. However, the call lasted a good 15 minutes. This is because once the link transfer was initiated and transferred successfully, the trunk was dropped from the BCM.
Any ideas? Is there a new hacking method I may not know about? Been doing this work for a long time, and I normally can find where the hacking occurred.
-------- 01/14/12 15:16:24 LINE = 0064 STN = 393
BC = SPEECH
00:00:00 INCOMING CALL RINGING 0:00
00:00:14 DIGITS DIALED L
DIGITS DIALED 011xxx3734682
00:00:25 CALL RELEASED
Thanks..
--DB