This list shows the current Top 20 of SIP fraud attempts against my Asterisk PBX at home. In those attempts, the attacker tries to initiate a phone call through a vulnerable IP-phone system, usually to some number in Palestine. If you operate any kind of IP-based telephony system with SIP service open to the internet, it is extremely important to implement sufficient authorization mechanisms and carefully design your dialplans. Those criminals have already caused millions in damages and there are suspicions that terrorist organizations are involved.

Of course, complaints have been sent to the abuse addresses of the repective ISPs after each incident but most ISP don't do anything about illegal behavior of their customers. The majority simply sends an automatic reply about an opened ticket but never replies, while the attacks continue. That even (especially?) includes larges providers such as Hetzner and even companies which are involved in government or defense contracts, such as L3.

I also started to compile a blacklist of repeated attacking IPs and networks which can be found here.