By John Gruber
1Password — Secure every sign-in for every app on every device.
Sheera Frenkel and Ronen Bergman, reporting for The New York Times:
Israel carried out its operation against Hezbollah on Tuesday by hiding explosive material within a new batch of Taiwanese-made pagers imported into Lebanon, according to American and other officials briefed on the operation.
The pagers, which Hezbollah had ordered from Gold Apollo in Taiwan, had been tampered with before they reached Lebanon, according to some of the officials. Most were the company’s AP924 model, though three other Gold Apollo models were also included in the shipment.
The explosive material, as little as one to two ounces, was implanted next to the battery in each pager, two of the officials said. A switch was also embedded that could be triggered remotely to detonate the explosives.
At 3:30 p.m. in Lebanon, the pagers received a message that appeared as though it was coming from Hezbollah’s leadership, two of the officials said. Instead, the message activated the explosives. Lebanon’s health minister told state media at least nine people were killed and more than 2,800 injured.
The devices were programmed to beep for several seconds before exploding, according to three of the officials.
Hezbollah leadership had ordered its members to forgo modern phones for security reasons, convinced (probably correctly) that Israeli intelligence was able to track them. So they switched to decades-old pagers. But Israel seemingly infiltrated the supply chain of Gold Apollo and boobytrapped the pagers.
In the initial pandemonium after the attack was triggered, there was speculation that, somehow, it was simply the batteries that exploded. But batteries — especially the AAA batteries these pagers use — don’t explode with that much force:
Independent cybersecurity experts who have studied footage of the attacks said it was clear that the strength and speed of the explosions were caused by a type of explosive material.
“These pagers were likely modified in some way to cause these types of explosions — the size and strength of the explosion indicates it was not just the battery,” said Mikko Hypponen, a research specialist at the software company WithSecure and a cybercrime adviser to Europol.
This whole operation sounds like it would make for a great movie.
(Hypponen, whom I believe I met, at least once, at a long-ago Macworld Expo or WWDC, was previously referenced on DF in 2012 regarding a widespread Mac Trojan horse.)
★ Tuesday, 17 September 2024