Report Links Hacking Campaign to Lebanese Spy Agency

A major hacking operation tied to one of the most powerful security and intelligence agencies in Lebanon has been exposed after careless spies left hundreds of gigabytes of intercepted data exposed to the open internet, according to a report published Thursday.

Mobile security firm Lookout, Inc. and the Electronic Frontier Foundation, a digital rights group, said the haul, which includes nearly half a million intercepted text messages, had simply been left online by hackers linked to Lebanon's General Directorate of General Security.

"It's almost like thieves robbed the bank and forgot to lock the door where they stashed the money," said Mike Murray, Lookout's head of intelligence. Lookout security researcher Michael Flossman said the trove ran the gamut, from Syrian battlefield photos to private phone conversations, passwords and pictures of children's birthday parties.

"It was everything. Literally everything," Flossman said.

Discoveries of state-sponsored cyberespionage campaigns have become commonplace as countries in the Middle East and Asia scramble to match the digital prowess of the United States, China, Russia and other major powers. But Lookout and EFF's report is unusual for the amount of data uncovered about the spying campaign's victims and its operators.

Notably, their report drew on data generated by suspected test devices -- a set of similarly configured phones that appear to have been used to try out the spy software -- to potentially pinpoint the hackers' exact address.

The report said the suspected test devices all seemed to have connected to a WiFi network active at the intersection of Beirut's Pierre Gemayel and Damascus Streets, the location of the bulky, sandstone-colored high-rise that houses Lebanon's General Directorate of General Security.

The Associated Press was able to at least partially verify that finding, sending a reporter to the area around the heavily guarded, antennae-crowned building Wednesday to confirm that the same WiFi network was still...

Comments are closed.