Hacker Gets 10 Years for Infiltrating VoIP Networks and Reselling Services for Profit

A 27-year-old Venezuelan man convicted of stealing and reselling more than 10 million VoIP minutes has been sentenced to 10 years in prison, according to a report on Maximum PC.

The report said that Edwin Pena's VoIP bootlegging operation came about after he and his accomplices forced their way through more than 15 networks belonging to various telecom and VoIP companies.

He is the first individual ever charged with hacking into the networks of Voice over Internet Protocol “VoIP” providers and reselling hacked VoIP services for a profit, U.S. Attorney Paul J. Fishman announced.

In February 2009, Pena was indicted for conspiracy to secretly hack into the computer networks of unsuspecting VoIP phone service providers; conspiracy to commit wire fraud by transmitting telephone calls over the victims’ networks; and individual hacking and wire fraud counts.

At his plea hearing, Pena, who purported to be a legitimate wholesaler of these Internet-based phone services, admitted that he sold discounted service plans to his unsuspecting customers. Pena admitted that he was able to offer such low prices because he would secretly hack into the computer networks of unsuspecting VoIP providers, including one Newark-based company, to route his customers’ calls.

Through this scheme, Pena is alleged to have sold more than 10 million minutes of Internet phone service to telecom businesses at deeply discounted rates, causing a loss of more than $1.4 million in less than a year. The victimized Newark-based company, which transmits VoIP services for other telecom businesses, was billed for more than 500,000 unauthorized telephone calls routed through its calling network that were “sold” to the defendant’s unwitting customers at those deeply discounted rates.

Pena admitted that rather than purchase VoIP telephone routes for resale, Pena—unbeknownst to his customers—created what amounted to “free” routes by surreptitiously hacking into the computer networks of unwitting, legitimate VoIP telephone service providers and routing his customers’ calls in such a way as to avoid detection.

After receiving information from Moore, Pena reprogrammed the vulnerable computer networks to accept VoIP telephone call traffic. He then routed the VoIP calls of his customers over those networks. In this way, Pena made it appear to the VoIP telephone service providers that the calls were coming from a third party’s network.

By sending calls to the VoIP telephone service providers through the unsuspecting third parties’ networks, the VoIP telephone service providers were unable to identify the true sender of the calls for billing purposes. Consequently, individual VoIP telecom providers incurred aggregate routing costs of up to approximately $300,000 per provider, without being able to identify and bill Pena.

Find out more about VoIP technology at ITEXPO West 2010. To be held Oct. 4 to 6 in Los Angeles, ITEXPO (News - Alert) is the world’s premier IP communications event. Don’t wait. Register now.