While the main purpose appears to be dialing premium rate numbers owned by attackers or selling phone numbers and call plans that others can use for free, access to VoIP systems could provide cyber criminals with the ability to conduct other attacks, including listening to private calls, cryptomining, or even using compromised systems as a stepping stone towards much more intrusive campaigns...
It's recommended that organizations change default usernames and passwords on devices so they can't easily be exploited and, if possible, analyze call billings on a regular basis for potentially suspicious destinations, volumes of traffic or call patterns.
And most importantly, organizations should apply the required security patches to prevent known vulnerabilities from being exploited. more
