Hacker explains: Why are electronics exploding in Lebanon?

00:00

several of my friends have reached out

00:01

to me and said hey you work with

00:03

electronics pretty often I know that

00:05

you've done some manufacturing uh what

00:07

exactly happened here like do I need to

00:09

be worried about my cell phone or my

00:11

toaster or my laptop or what really is

00:13

going on uh so today I'm going to take

00:16

some questions in regards to the ongoing

00:19

situation with pagers walkie-talkies and

00:22

other devices all specifically within

00:24

the country of Lebanon so uh yeah pretty

00:27

crazy developing story I'm going to go

00:29

ahead and put this on the screen just

00:31

because uh it was the thing that I was

00:34

tagged in most often also I wanted to

00:37

shout out uh anybody who wants to kind

00:40

of share a story with me or get

00:41

something to talk about on the stream uh

00:44

you can do that on my Mastadon account

00:47

so I left Twitter a while ago just

00:50

because um you know like things were

00:52

were I think it was oh yeah December

00:54

2022 uh if you want to tag me on a story

00:57

you can always go to infos sec. exchange

00:59

uh uh I am right here and this is how I

01:02

originally found out about the story I

01:04

was tagged really early and uh yeah so

01:07

uh thank you to uh tag hunt for tagging

01:10

me on the story uh the second that I saw

01:12

it I knew that we were going to discuss

01:14

it today so yeah if you got a tip if you

01:16

got something you want to talk about on

01:18

the stream probably the fastest way is

01:19

tagging me there but of course I'm also

01:21

going to go through our YouTube comments

01:23

this week as well so oh also good to see

01:26

everybody on the stream James uh SAQ uh

01:29

a cat uh we are early here but already

01:34

have some interesting stuff to cover so

01:36

all right again let me pull up the story

01:37

so it appears that yesterday um a number

01:41

of electronic devices exploded so this

01:43

was actually the one from today we also

01:46

have where's the first story here we go

01:49

um a bunch of uh pagers exploding

01:53

yesterday here we go uh all traced to a

01:56

company called Apollo gold so a while

01:59

ago this military organization had

02:01

decided that cell phones were too

02:03

vulnerable to being tracked so they

02:05

wanted to switch over to something that

02:06

was like receive only and kind of went

02:09

backwards towards uh electronics that

02:11

haven't been used at least for uh for me

02:14

anyway uh for a very long time so I

02:16

haven't seen a pager functional in a

02:18

while uh except for on like maybe

02:20

medical professionals or things like

02:21

that but uh these pagers are still in

02:24

use and in particular they allow you to

02:26

just receive instead of be connected to

02:30

Network and then constantly update your

02:31

location maybe it makes you a little

02:33

harder to track I don't really totally

02:35

understand the the decision to to go

02:37

back to using pagers and why it offered

02:39

so many specific benefits but that was

02:41

the decision so there is a company uh

02:45

called apoll gold that makes these pages

02:47

that are very popular they're rugged

02:48

they they work well uh but they also

02:51

license the ability to manufacture their

02:54

product to other companies so if you're

02:56

a company that has x amount of money you

02:59

can set yourself up and make it so that

03:01

you have all the necessary uh files and

03:04

everything to manufacture this product

03:06

and sell it for yourself if you wanted

03:08

to make a small modification like

03:10

possibly modifying the battery or other

03:12

elements of the circuit board or even

03:14

the programming then that might be in

03:17

violation of your terms of license but

03:18

it would be completely uh something that

03:20

you could do because once you license a

03:23

design like this you're kind of setting

03:24

yourself to be up uh to be able to

03:26

manufacture it yourself provided you

03:28

abide by the terms of that licensing so

03:30

what it looks like here is early

03:33

speculation was like oh somebody snuck

03:34

into this company's warehouse and

03:36

switched everything but it looks like

03:38

the reality was much more of a supply

03:40

chain attack so this is again I am uh a

03:44

Electronics person that manufactures uh

03:46

printed circuit boards and functional

03:48

Electronics with a team of people who

03:49

are much more experienced than myself uh

03:52

fairly regularly so when it comes to my

03:54

experience with uh Electronic Supply

03:57

chains and Licensing and that sort of

03:58

thing like I I worked around this enough

04:00

to to kind of see how clever this was

04:03

when it comes to having access to a

04:05

design all the schematics everything you

04:07

would need and then being able to

04:09

manufacture it legally uh at least at

04:12

first when when it's not exploding uh in

04:15

a way that is very very difficult to

04:16

trace the electronic supply chain is

04:18

very muddy there's a lot of kind of the

04:20

white label manufacturers well where

04:23

maybe they have a factory and they'll

04:24

gain the right to create a certain

04:26

product but they're not the original

04:28

manufacturer so that that appears to be

04:30

what happened here when it comes to the

04:32

first wave of devices where originally

04:35

people were suspicious maybe this

04:36

company had been infiltrated but it

04:38

seemed like they were merely licensing

04:39

their products so is it likely that your

04:42

cell phone or toaster or whatever is

04:43

going to explode no because it looks

04:45

like a highly sophisticated infiltration

04:48

of a supply chain that allowed uh the

04:51

perpetrators here to be able to uh put

04:53

out a device that functions normally and

04:57

then at a predetermined time received

05:00

software instructions to uh rapidly heat

05:03

the battery and cause a second element

05:06

to explode now it uh it's kind of

05:09

difficult to say exactly what was done

05:11

here like was the material in the print

05:13

circuit board uh perhaps like combined

05:16

with something that was explosive like

05:17

was there an element added to the

05:19

battery that uh was explosive like and

05:22

maybe more efficient battery material

05:23

was used in a in a smaller area it's not

05:26

really known here but what is known is

05:28

that this was not just lithium battery

05:30

overheating I saw some people saying

05:32

like you know any device could be uh

05:35

theoretically caused to do this and that

05:37

is absolutely not the case so that's the

05:38

number one thing I wanted to to spell

05:41

I've seen a lot of uh examples uh let's

05:44

say of lithium batteries overheating

05:46

exploding um shorting out you name it

05:49

I've made a lot of mistakes in

05:50

electronics and for example some of the

05:52

batteries around like ebikes or like

05:55

scooters are huge and if you make a

05:57

mistake with them um a lot of energy

05:59

will shoot out it's very energy dense it

06:01

causes a fire but they don't exactly

06:04

explode um a lot of energy is released

06:06

very quickly they burn very fast but

06:08

it's not a detonation and what I saw in

06:10

a lot of the videos here was definitely

06:12

a detonation uh a material that was

06:14

exploding so fast that it was causing

06:15

damage through a blast wave and shrapnel

06:17

that is not something that just happens

06:19

with a regular battery so uh unless your

06:22

specific device was compromised at this

06:25

Source it is not capable of uh exploding

06:28

the way that we've seen in some of these

06:30

videos so like some people who reached

06:32

out to me in uh you know my friends were

06:35

uh just curious like is it possible to

06:38

hack a device so hard that it just

06:40

explodes in this way and while it is

06:42

possible to cause a fire and it is

06:44

possible to maybe like you know burn

06:46

like burn someone or uh cause damage

06:48

it's certainly not possible to turn it

06:50

into a device that throws that much

06:52

shrapnel at least the way that we're

06:53

seeing in this case so absolutely the

06:57

wildest news I've seen probably in in

07:00

five years I think like of of uh just

07:03

covering like security news and uh just

07:05

keeping an eye on this like this is a

07:08

incredibly sophisticated supply chain

07:09

attack that took advantage of Licensing

07:12

it took advantage of software knoow it

07:15

took advantage of chemistry knowhow and

07:18

it also took advantage of uh electronics

07:21

and Manufacturing knowhow so being able

07:23

to produce a commercial copy of

07:25

something and add new technology to it

07:27

seal it have it operate for six months

07:30

and then in a targeted fashion have it

07:32

uh explode only in a single country um I

07:35

mean and I don't think anyone's said

07:37

this but did nobody who owned one of

07:39

these devices fly like in that period of

07:43

time anywhere uh or what sort of

07:46

screening did this have to pass through

07:48

in order for it to remain undetected for

07:49

six months like you would think that

07:51

International Air Travel like might have

07:54

ruined that whole surprise but anyway

07:57

like what I guess my my number one

07:59

reaction all of this is how many other

08:02

completely unrelated actors on like on

08:05

other stages around the world were

08:07

planning some sort of reveal that

08:08

involved an exploding device whose

08:10

millions of dollars of work is now

08:12

ruined by this event because people are

08:14

going to of course like you know I think

08:17

most countries are gonna be like all

08:18

right wow we really need need to examine

08:19

this and probably discover other

08:21

potentially unrelated plots to insert

08:24

similar things into Supply chains as a

08:26

result so really stunning that this is

08:28

going to make people read examine Supply

08:30

chains in a crucial way and see it as an

08:33

issue of National Security never again U

08:36

never again will uh we be ignorant to

08:38

the possibility that a well infiltrated

08:41

supply chain can have incredibly serious

08:43

consequences so like you know normally

08:45

this would be like oh no somebody put a

08:47

spy chip by you know creating commercial

08:49

copies this is not a spy chip this is an

08:52

explody box uh that was added instead so

08:55

um truly a stunning attack obviously

08:58

that's why I was tagged in it so often

08:59

like I I appreciate the complexity of

09:01

this you have to have modifications to

09:03

the original software or at least

09:05

something that's able to cause what

09:06

seems like a thermal runaway with a

09:08

battery that heats like a a secondary or

09:10

something that's uh very sensitive to a

09:13

particular temperature to then go off

09:15

and Trigger the rest of the explosive um

09:17

there's a lot of speculatory information

09:19

out there so uh just try to stick to the

09:22

facts on this one um but yeah uh some

09:25

pretty crazy stuff coming out today and

09:28

just wanted to calm anyone's who for one

09:30

is maybe like pushing their Electronics

09:32

to the side worrying if like any LiPo

09:35

battery could do this no it does not

09:36

look like that is the case um this is

09:38

truly like on the sucket level of crazy

09:43

uh targeted attacks when it comes to

09:44

electronics software infiltration

09:47

Hardware infiltration you name it um

09:49

this is quite an interesting developing

09:52

story so I'm sure a lot of people in the

09:54

electronic uh electronics world world

09:56

are going to be talking about this uh

09:58

people in the ha world are definitely

10:00

talking about this uh and it's a story

10:02

you're probably going to see continuing

10:03

to pop up as the story develop now the

10:05

fact that additional devices exploded

10:08

today is something that I haven't even

10:10

covered yet so uh today I saw several

10:13

videos uh showing Walky talkies also

10:16

exploding and it was mentioned that

10:18

other quote other electronic devices

10:19

were also uh exploding so these uh seem

10:23

to be a bit more deadly in terms of

10:26

actually like causing casualties from

10:28

what was reported Ed but if you look at

10:30

some of these photos it very much and

10:33

from having owned radios like this it

10:34

very much looks like the battery unit is

10:37

what exploded here the battery unit

10:38

Clips onto the back of these sorts of

10:39

radios I've used them when I was a

10:41

security guard uh and not this exact

10:43

model but other Motorola radios and when

10:46

the battery is clipped out in the back

10:47

here there's a very large battery unit

10:49

that is attached right here um that also

10:52

communicates with the rest of the device

10:54

through a little bust so it is possible

10:56

if the firmware was modified on these

10:58

that a signal from uh the radio could

11:02

cause the battery to heat up and then

11:04

possibly explode so kind of seeing a

11:07

pattern developing here uh but we will

11:10

have to see if there's any more

11:11

information or details about this uh

11:12

later in the day for now that's really

11:15

all the information we have and again it

11:17

does seem like this is something that

11:19

has to do with the electronic supply

11:21

chain um legally licensing some of these

11:24

designs and then producing copies um

11:27

which again requires a stunning amount

11:28

of technolog know how to make sure that

11:30

you're creating functional devices that

11:32

are getting no complaints that operate

11:34

as intended but also include new

11:36

technology that's able to uh you know

11:39

survive potentially getting left in a

11:41

hot car flying on an airplane or other

11:43

sorts of things that would like uncover

11:46

uh other attempts to do this sort of

11:48

thing so really gonna gonna have to have

11:50

a lot of these questions answered before

11:52

we know all the information but yes

11:53

thank you all for tagging me in this um

11:55

as an Electronics person I was talking

11:57

with this with some of my uh talking

11:59

with some of my colleagues about this

12:00

last night just about uh how

12:03

sophisticated of an attack this was and

12:04

how uh targeted at the same time it was

12:07

some people were also calling this an

12:08

incredibly uh targeted uh strike in that

12:12

it only went after specific devices so

12:15

uh that means that there was a signal or

12:17

a message that caused an

12:18

error I think it was CNN that was

12:20

reporting that there was an error

12:22

message that was transmitted to all the

12:23

devices that uh attempted to explode uh

12:26

so the fact that this was targeted

12:28

against specific devices uh it wasn't

12:30

like every device uh that was sold all

12:32

exploded at the same time it was

12:34

actually a message that was sent to the

12:35

device that caused it to uh go off so

12:39

yeah uh lot to absorb today um I've

12:41

spent uh several hours kind of trying to

12:44

keep up with what's going on looking at

12:46

photos uh chatting with other people

12:48

that are uh kind of interested in it and

12:50

uh yeah it's been a lot