your voice across the line gives me a strange sensation

So, we looked into the fake phone call to Mr 10%’s office. We even did a little HOWTO. If you recall, we concluded that you needed a bulk SIP carrier sufficiently unscrupulous or clue-light that they didn’t verify the CLI string you passed them, but who hadn’t yet offended at least one major telco in good standing. That, and a copy of Asterisk.

Here’s something really interesting. The Indian government has just issued a dossier. (Yeah, one of them.) What purports to be a copy is here. In it, it is claimed that the terrorists who attacked Mumbai received calls from a telephone number assigned by a small US SIP provider, which among other things offers a virtual-number service. This essentially forwards calls to that number to any user-defined number, SIP id, or what have you.

According to the Indian side, the person who bought the number stated that they were in India, but the bill was paid in advance with a wire transfer originating in Pakistan. The company in question, interestingly enough, offers numbers in Pakistan; but we know that the call to the Pakistani presidency identified as coming from a number in India. There is more information in this article; apparently they also registered inbound numbers (DIDs) in Austria at the same time.

This looks a lot like a reasonable set up to obfuscate the other parties to the calls, whoever they were. It’s also interesting to see that the terrorists made at least one serious mistake; they left a satellite phone on the trawler they used to launch the attack. This is likely to be an important source of information that somebody really should have thrown in the sea.


  1. 1 police and thieves « Alternate Seat of TYR

    […] Instead, they attempted to use the Internet to influence the political leadership – they placed a call to the Pakistani president’s office, spoofing the calling line identification message in order to give credibility to their effort to pose as the Indian foreign minister. My technical analysis is here; the Indian government’s investigation later showed that the attackers set up a VoIP network with nodes in the US and Austria for their own use. […]

  2. 2 Abu Asterisk strikes again… « Alternate Seat of TYR

    […] <a href="telephony used both a virtual number service in the US, and DID numbers registered in Austria and pointing at a VoIP system. This could just be an artefact of a data set of two, of course, or […]




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s



%d bloggers like this: