Addendum 1 - Lebanon Attack Case Study

NOTE: This article is a continuation of Case Study on the Lebanon Pager Attack

Today, I decided to continue the case study with this first addendum, as the event seems to be growing in magnitude.

Latest development

Initially, the AR-924 pagers were assumed to be the only devices involved in an extensive supply chain compromise.

Source of Pager - Hungary

The initial research points the finger at the manufacturer of the AR-924, Gold Apollo. An interview with the founder, Hsu Ching-kuang, confirmed that they worked in collaboration with a Hungarian entity, BAC Consulting, which is located in Budapest. BAC Consulting KFT produces the device under a technology license from Gold Apollo.

According to Hsu - “There was nothing in those devices that we had manufactured or exported to them [BAC],” Hsu said, noting the pagers “were entirely different” from his designs and contained a chip that Gold Apollo does not use in its own pagers.


BAC Consulting seems to have an interesting accounting trail. A one-person company in Hungary generating so much revenue?

A further analysis by The Guardian shows the weaponization of the AR-924.


Credit: The Guardian

At this time, reports are emerging that Motorola LX2 and Teletrim pagers are also laced with explosives.

Today, we discover more extensive coverage of the IED devices. Walkie-talkies from a Japanese vendor (ICOM) were found to be similarly tampered with explosives. The walkie-talkie operates on the VHF band. It doesn't stop there: other lithium-battery-powered devices such as solar systems, laptops, biometric systems and even cars are also affected and found to explode.


Walkie-Talkie found on site


Japanese ICOM walkie-talkie

The supply chain attack and corruption now appear to be wide-reaching, and other types of devices recently brought into the country now come under suspicion.

Weaponization Assessment

One common factor observed is the presence of a battery or power source. In this case, a lithium battery is present in all the affected devices. It seems to be the first-stage igniter, which powers the second stage that causes the blast.

Impact on Technology & Trust

This issue highlights a key trust component in purchasing equipment that is not manufactured in the destination country. What's alarming is the potential collateral damage if these devices were out of the blast radius and are now being distributed to other countries, through distribution or subsale.

The same happened with the Petya/NotPetya malware, which was targeting a certain country but got out of hand and started spreading throughout the world.

The impact now reaches the very foundation of trust in procuring any device, even one as simple as a mobile phone. Countries now have to implement stringent checks on each and every device crossing the border to ensure that it is not a ticking time bomb. On one hand, there is the procurement of new devices; on the other hand, the sanctity of current devices now comes into question.

Imagine having to X-ray every single device, checking one by one for any signs of compromise, from something as simple as a watch to a power bank, mobile phones and any electronic equipment. It is no wonder that some countries impose a complete ban on any form of electronic equipment when visiting certain places.

@jtbthought commented on X - Sep 18 -

"It’s 2026. You jump the turnstile in a NYC subway station. Fare evaded - nice!

The Israeli-trained NYPD hits the ‘Explode AirPod’ button linked to your cell phone, killing you instantly, and the old woman next to you."

How would you, as an average consumer, know that you aren't carrying an IED?

Reference

[1] Guardian - https://www.theguardian.com/world/2024/sep/18/hezbollah-pagers-what-do-we-know-about-how-the-attack-happened

[2] NPR - https://www.npr.org/2024/09/18/g-s1-23547/tracking-the-exploding-pagers-used-in-attack-on-hezbollah

This article originally appears at https://drsuresh.net/articles/hezattack1


