Latest in Gear

Image credit: JOSEPH EID via Getty Images

Lebanese hackers stole a ton of data then left it on an open server

A Lebanese intelligence agency is thought to be behind the massive hacking campaign.
289 Shares
Share
Tweet
Share
Save

Sponsored Links

JOSEPH EID via Getty Images

The Electronic Frontier Foundation and mobile security company Lookout released a report today detailing a major hacking campaign -- dubbed Dark Caracal -- that's believed to have originated from Lebanon's General Directorate of General Security (GDGS), one of the country's intelligence agencies. The companies found information gathered from thousands of victims from over 20 countries through espionage efforts extending back to 2012. Targets included military personnel, journalists, activists, financial institutions and manufacturing companies and some of the stolen data included documents, call records, texts, contact information and photos. Michael Flossman, a Lookout security researcher, told the Associated Press, "It was everything. Literally everything."

The hackers used malicious apps that resembled legitimate communication platforms like Signal and WhatsApp to steal the trove of data, loading up the fake versions with malware that allowed them to tap into users' conversations. "One of the interesting things about this ongoing attack is that it doesn't require a sophisticated or expensive exploit," EFF Staff Technologist Cooper Quintin said in a statement. "Instead, all Dark Caracal needed was application permissions that users themselves granted when they downloaded the apps, not realizing that they contained malware." However, the hackers' storage of the stolen info also wasn't terribly sophisticated, as it was all left exposed online on an unprotected server. "It's almost like thieves robbed the bank and forgot to lock the door where they stashed the money," Mike Murray, Lookout's head of intelligence, told the AP.

The EFF and Lookout were able to link the data to a WiFi network coinciding with the location of Lebanon's GDGS. "Based on the available evidence, it is likely that the GDGS is associated with or directly supporting the actors behind Dark Caracal," noted the report. EFF Director of Cybersecurity Eva Galperin said that pinpointing the campaign to such a precise location was remarkable, telling the AP, "We were able to take advantage of extraordinarily poor operational security."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
289 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
iFixit's iPhone 11 Pro Max teardown investigates charging rumors

iFixit's iPhone 11 Pro Max teardown investigates charging rumors

View
TiVo wants to make a comeback with $50 Android TV dongle

TiVo wants to make a comeback with $50 Android TV dongle

View
Neo Geo retro stick console includes 'King of Fighters,' 'Samurai Shodown'

Neo Geo retro stick console includes 'King of Fighters,' 'Samurai Shodown'

View
Watch the 'Android' Nokia phone that never had a chance to exist

Watch the 'Android' Nokia phone that never had a chance to exist

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr