Lebanon Hacks to Spy
by Brent Kirkpatrick
(Date Published: 1/19/2018.)
This surveillance campaign appears to have used advanced phishing techniques and Trojan applications to hack into mobile devices. After gaining access, the hackers installed their own command-and-control spyware. They proceeded to collect massive amounts of data, including SMS messages, call records, contact lists, images, account information, browsing data, audio recordings, WiFi details, GPS locations, and corporate and legal documents. The report covers only 81 GB of information, which is believed to be a small fraction of the total taken by the campaign.
The analyzed data was sufficient to reveal the hackers' methods, their likely identity as the state intelligence agency of Lebanon, and the reach of the campaign. More than 1000 devices were hacked, including mobile phones and Windows computers. These devices had data from at least 20 countries.
This data is only available because the hackers left it on an open, unprotected server. It appears to be only a fraction of the total data taken in this spying campaign: the researchers tracked 6 similar campaigns, each with its own data server. The reach and scope of this hacking suggest a state-sponsored actor. Additionally, there is circumstantial evidence linking what appear to be beta-testing IP addresses to Lebanon's General Directorate of General Security.