The Pakistani military allegedly coordinated a surveillance operation which collected data from US, UK, and Australian officials and diplomats.
In a report, Lookout said they believe Pakistani military personnel were responsible for targeting civilians, officials, diplomats, and military personnel.
“These tools have been part of a highly targeted intelligence gathering campaign we believe is operated by members of the Pakistani military,” the report stated.
“Our investigation indicates this actor has used these surveillanceware tools to successfully compromise the mobile devices of government officials, members of the military, medical professionals, and civilians.”
The report also states:
“To date, we have observed Stealth Mango being deployed against victims in Pakistan, Afghanistan, India, Iraq, Iran, and the United Arab Emirates. The surveillanceware also retrieved sensitive data from individuals and groups in the United States, Australia, and the United Kingdom.”
At present, Lookout have analysed over 15 gigabytes of data taken from compromised devices, the majority of which is
information that would be relevant to a nation state actor performing espionage activities. Content includes:
• Letters and internal government communications
• Detailed travel information
• Pictures of IDs and passports
• GPS coordinates of pictures and devices
• Legal and medical documents
• Developer information including whiteboard
sessions, account information, and test devices
• Photos of the military, government, and related officials
from closed door meetings including U.S. Army personnel
Lookout’s head of threat intelligence, Michael Flossman, a former Australian Defence Department employee, has reportedly said that Australian law enforcement authorities had been alerted to the breach that also involved diplomats from Britain and the US.