Microsoft is hacking my Asterisk??? O_o
Christian Kuhtz
chkuhtz at microsoft.com
Tue Nov 3 20:02:06 UTC 2020
https://azure.microsoft.com/en-us/resources/knowledge-center/how-do-i-report-a-security-incident-or-abuse/
How do I report a security incident or abuse?
To report suspected security issues or abuse of Azure, please contact the cert.microsoft.com<https://portal.msrc.microsoft.com/engage/cars> team, which is available 24/7.
From: NANOG <nanog-bounces+chkuhtz=microsoft.com at nanog.org> On Behalf Of Mike Hammett
Sent: Tuesday, November 3, 2020 12:00 PM
To: Max Tulyev <maxtul at netassist.ua>
Cc: nanog at nanog.org
Subject: [EXTERNAL] Re: Microsoft is hacking my Asterisk??? O_o
Azure?
-----
Mike Hammett
Intelligent Computing Solutions<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.ics-il.com%2F&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348449036%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=PehbslJLV1QvoCFjaGcWmD8gx0st3Jt54u0CNhlXZfI%3D&reserved=0>
[http://www.ics-il.com/images/fbicon.png]<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FICSIL&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348459032%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=NUTpWNYJIuFZatw4ZaMe8uxGV44JP%2FniICj7lndIdHc%3D&reserved=0>[http://www.ics-il.com/images/googleicon.png]<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fplus.google.com%2F%2BIntelligentComputingSolutionsDeKalb&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348469032%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=pjnk46f1Kr6igjmDkAYxiO41EQoqwQ3Qi7kIFNAuj%2BU%3D&reserved=0>[http://www.ics-il.com/images/linkedinicon.png]<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fintelligent-computing-solutions&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348469032%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=HvRDFSLR1FNb%2BF%2FhLV7MEs3pdo%2Fbcs9EBOxzciEE1ZM%3D&reserved=0>[http://www.ics-il.com/images/twittericon.png]<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FICSIL&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348479024%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IdsqBrq5mySWYXWY2PJCDEQx2uSfxnNS2krARMi8cX0%3D&reserved=0>
Midwest Internet Exchange<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.midwest-ix.com%2F&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348489036%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=zOxLFx7J2KciWAgUJeWsJrViINZ3kdAIuw0HybednwE%3D&reserved=0>
[http://www.ics-il.com/images/fbicon.png]<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2Fmdwestix&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348489036%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=hmOcqi2P%2BsLgTZkRk8sne37%2BrLFEBn9qeQ41DDTYWFU%3D&reserved=0>[http://www.ics-il.com/images/linkedinicon.png]<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fmidwest-internet-exchange&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348499023%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Qxy89R1YH2YaaZSx2x2%2BKPcYTvxapCzvmmzZeq9RSlU%3D&reserved=0>[http://www.ics-il.com/images/twittericon.png]<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fmdwestix&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348499023%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=klPXyp6TeXe%2FBGAtPwd%2B77zec2ws59ksDBCGwnhqvI4%3D&reserved=0>
The Brothers WISP<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.thebrotherswisp.com%2F&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348509023%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7dQukUH7Fg3uaqhDsQybgJMExCoekPo7B57%2BVjK%2FYCU%3D&reserved=0>
[http://www.ics-il.com/images/fbicon.png]<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2Fthebrotherswisp&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348519019%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=qXu0bFMKf3BsEDqWnObYo7t%2F13mqqPn9E%2BOT8MVfY5Q%3D&reserved=0>[http://www.ics-il.com/images/youtubeicon.png]<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCXSdfxQv7SpoRQYNyLwntZg&data=04%7C01%7Cchkuhtz%40microsoft.com%7C3a3d40dd12ef405010b508d880331f4d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637400304348519019%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=qyRUtvkknUQQApqI%2BRmeQT%2FSm9QhEwOHmRdbX98YEMI%3D&reserved=0>
________________________________
From: "Max Tulyev" <maxtul at netassist.ua<mailto:maxtul at netassist.ua>>
To: nanog at nanog.org<mailto:nanog at nanog.org>
Sent: Tuesday, November 3, 2020 1:55:45 PM
Subject: Microsoft is hacking my Asterisk??? O_o
Hi All,
I have just seen a number of IPs trying to brute-force my VoIP server
from Microsoft network. For example, 13.90.148.133, 20.55.203.249,
40.76.244.210... Traceroute really goes to MSN. More than a half of all
usual attempts to hack my Asterisk I got today, came from MSN.
What is happening? Am I missed something?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20201103/cef7b6fd/attachment.html>
More information about the NANOG
mailing list