The Czech Security Intelligence Service (BIS) has intervened and taken down servers that have been used by Hezbollah operatives to target and infect users around the globe with mobile malware.
“I cannot comment on the details, but I can confirm that BIS has played a significant role in identifying and uncovering the hackers’ system,” said Michal Koudelka, BIS Director.
“We identified the victims and traced the attack to its source facilities,” Koudelka said, adding “Hacker servers have been shut down.” BIS said the servers were located in the Czech Republic, and the agency was “almost certain” they were operated by Hezbollah.
Hezbollah operatives operated by creating Facebook profiles, posing as attractive women, and reaching out to selected targets. The goal of the operation was to engage the target in private discussions and convince it to install a third-party instant messaging application to continue the conversation via this second, malware-infested app.