Asterisk security issue

Dear partners,

Due to wide usage of asterisk-based solution by range of customers and existing security issues with Asterisk we kindly ask you to pay closer attention to such customers of yours.
These security issues can lead to big losses caused by "brute force" attacks and generating calls to extremely expensive destinations or premium numbers like Austria Premium, Somalia, Ethiopia, Sierra Leone, etc. Calls happened during night time with unusually high ASR (close to 90%) and ACD (over 15 minutes) parameters.

Solutions are publicly known and described on asterisk website.
Please pay attention to chapters from http://www.asterisk.org/docs
Security
Introduction
Network Security
Dial plan Security
Log Security

Hope that this friendly reminder will keep your business wealthy.

Here is a situation that happens with our partner:

Late in the evening cheater authorized as one of the registered Asterisk users and start sending traffic to expensive destination Sierra Leone Freetown. All numbers are multichannel with several interconnections at one time and call duration from 1 to 26 minutes.

Numbers:

23222281442

23222281431

23222281441

23222281440

23222281202

23222281200

23224001204

23224001204

23222281190

23222281154

23222281154

23222289445

23222289443

23222289444

23222289439

23222289445

When you call to any number there are no RBT (ring back tone), connection delay is 7-10 sec. and you hear only tariffing silence.

Apparently these numbers connected to equipment, working as FAS machine.