I have been compromised.
I have a distro PBX 14 setup. I have twilio account setup for outbound calling.
Auto refill is enabled on the account.
I have noticed successful calls on switzerland High-Risk Toll Fraud destination.
when I want to check the CDRs and Log files in FreePBX, I can’t find any of the record for those dates like on 26th and 27th I have no record of any
of the log files: CDRS, FreepbxLogs, security logs, fail2ban or any of the logs for those dates.
Now I want to trace those call logs and check how system was breached and we were compromised.
Are there any suggestions to start from.
One Major concern is twilio has those high-risk Toll Fraud destinations by default blocked, then how calls passed to these destinations.
some of the numbers :