Compromising online accounts by cracking voicemail systems

DEF CON 26

Presented by: Martin Vigo
Date: Friday August 10, 2018
Time: 13:00 - 13:20
Location: Track 1

Voicemail systems have been with us since the 80s. They played a big role in the earlier hacking scene and re-reading those e-zines, articles and tutorials paints an interesting picture. Not much has changed. Not in the technology nor in the attack vectors. Can we leverage the last 30 years innovations to further compromise voicemail systems? And what is the real impact today of pwning these?

In this talk I will cover voicemail systems, it's security and how we can use oldskool techniques and new ones on top of current technology to compromise them. I will discuss the broader impact of gaining unauthorized access to voicemail systems today and introduce a new tool that automates the process.

Martin Vigo

Martin Vigo is a Lead Product Security Engineer and Researcher responsible for Mobile security, Identity and Authentication. He helps design secure systems and applications, conducts security reviews, penetration testing and generally helps keep "the cloud" secure. Martin is also involved in educating developers on security essentials and best practices. Martin has presented several topics including breaking password managers, exploiting Apple's Facetime to create a spy program and mobile app development best practices. These were given at conferences such as Blackhat EU, Ekoparty, Kaspersky Security Analyst Summit and Shakacon. Outside the office, Martin enjoys research, bug bounties, gin tonics and scuba diving. @martin_vigo


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats