This week's VoIP megahack: just what's needed to scare away the risk-averse

Accused (you are presumed innocent until proven guilty) Internet telephony hacker Edwin Andres Pena was arrested earlier this week on charges of illegally tapping into the lines of legitimate Internet phone companies, and then collecting more than $1  million in connection fees.

Prosecutors charged Pensa in a scheme that involved him creating two companies to offer pffer wholesale phone connections to small Internet phone companies at discounted rates.

Instead of buying this access himself and reselling it, Mr. Pena is thought to have paid $20,000 to Robert Moore of Spokane, Wash. Moore, who was also arrested, is accused of hacking into the computer networks of on-the-level VoIP providers, and then routing his customers cals over those systems.

A New York Times story that ran on Wednesday noted that a VoIP provider based in Newark, N.J., received 500,000 of those spoofed, hack-generated calls.

I need to know more about how this hack took place, but it sure sounds like these gents may have found an exploitable vulnerability in VoIP security.

Just what the technology needs to scare away potential VoIP adopters who are interested in saving money, but tend to err toward risk aversiveness.