The Pakistani military allegedly coordinated a surveillance operation which collected data from US, UK, and Australian officials and diplomats.

In a report, Lookout said they believe Pakistani military personnel were responsible for targeting civilians, officials, diplomats, and military personnel.

“These tools have been part of a highly targeted intelligence gathering campaign we believe is operated by members of the Pakistani military,” the report stated.

“Our investigation indicates this actor has used these surveillanceware tools to successfully compromise the mobile devices of government officials, members of the military, medical professionals, and civilians.”

The report also states:

“To date, we have observed Stealth Mango being deployed against victims in Pakistan, Afghanistan, India, Iraq, Iran, and the United Arab Emirates. The surveillanceware also retrieved sensitive data from individuals and groups in the United States, Australia, and the United Kingdom.”

At present, Lookout have analysed over 15 gigabytes of data taken from compromised devices, the majority of which is
information that would be relevant to a nation state actor performing espionage activities. Content includes:

• Letters and internal government communications
• Detailed travel information
• Pictures of IDs and passports
• GPS coordinates of pictures and devices
• Legal and medical documents
• Developer information including whiteboard
sessions, account information, and test devices
• Photos of the military, government, and related officials
from closed door meetings including U.S. Army personnel

Lookout’s head of threat intelligence, Michael Flossman, a former Australian Defence Depart­ment employee, has reportedly said that Australian law enforcement authorities had been alerted to the breach that also involved diplomats from Britain and the US.

 

George Allison
George has a degree in Cyber Security from Glasgow Caledonian University and has a keen interest in naval and cyber security matters and has appeared on national radio and television to discuss current events. George is on Twitter at @geoallison

29 COMMENTS

  1. Well! I wasn’t expecting that.

    From Wikipedia:

    Bin Laden was killed within the fortified complex of buildings that was probably built for him,[236] and had reportedly been his home for at least five years.[237][238] The compound was located less than a mile from Pakistan Military Academy and less than 100 kilometers’ drive from Pakistan’s capital.[239][240][241]

      • I think we are at the cutting edge but it’s true, we must strive to keep at the cutting edge and the sharper we can get the better.

  2. The biggest recipient of British foreign aid is …..Pakistan. This is country with:
    1) Very poor Human rights
    2) An active Anti-minority agenda especially Christians who are treated like scum. Which coming from a scummy country in the first place is bad
    3) Has an active Nuclear weapons program which is supposed to be larger than the UKs.
    4) Supports and funds many Islamic terrorist groups
    5) Is currently engaged And has been for the past week) in a bun fight with India , where it has been shelling Indian towns simply because they can. Resulting in India evacuating 80,000 people from the border with Pakistan in the past 7 days
    http://newsweekpakistan.com/border-clashes-continue-between-pakistan-and-india/
    6) Not only has Pakistan more combat aircraft that the Uk, it has more newer (JF17) combat aircraft than the Uk
    7) Pakistan also has over 1000 modern MBTs (the uk has around 200 in service)

    and yet our PC politicians who have no problem celebrating Pakistan’s independence day in the UK (Whilst bemoaning St Georges day as racist) see no problems in handing over Billions in Aid to a polarised third world country whose only gift to the world is intolerance, rape gangs and terrorism.

      • Oh and if you are an aithiest should the gangs not do it first you will very likely be tried and executed for your ‘sins’. Equally they have no more right to even exist as a oh try than Israel and though they do so on similar original principles they are far less tolerant or democratic nor concerned about taking human lives of political/nationalist reasons, yet not a word outside of India is ever mentioned on such an incovenient truth.

    • Pakistan has more combat experience than the UK! Surely not. Has any country more combat experience than the UK? We’ve invaded 98% of the world.

    • This all is a very biased opinion, which is contrary to the facts. yes, Pakistan has the right to protect itself. no matter how bad it hurts those who are initiators of such terrorist/ espionage activities in Pakistan. Yes,, you mess with Pakistan,,, we will be on lookout FOR YOU…BELIEVE

  3. On a more serious note.

    CESG/ GCHQ / HMGCC not doing their jobs properly if Pakistan is able to intercept phones of officials.

    Were they high level officials? These people’s phones are usually proofed against such attacks?

    And if they were I hope papers like the Guardian take note that actually spying goes on the world over and it’s not just the evil west doing it.

    Yet another strand of the PC self hate so well described by farouk in his post above.

    • Reading some of the more detailed reporting it’s not clear to me that the UK authorities really could have done anything against this. UK personnel were not targeted and from how I read the reports no malicious software was found on any of their devices. Sadly UKDJ truncated a critical piece from the quote they took from the report. The full quote is…

      “To date, we have observed Stealth Mango being deployed against victims in Pakistan, Afghanistan, India, Iraq, Iran, and the United Arab Emirates,” Lookout researchers said in a report. “The surveillanceware also retrieved sensitive data from individuals and groups in the United States, Australia, and the United Kingdom. These individuals and groups were not themselves targeted, but interacted with individuals whose devices had been compromised by Stealth Mango or Tangelo.”

      [ Source: https://info.lookout.com/rs/051-ESQ-475/images/lookout-stealth-mango-srr-us.pdf ]

      So UK leakage of info was from interacting with compromised endpoints. StealthMango/Tangelo captures things like photos, contact numbers, calendar entries etc. To the extent that UK (and US etc) personnel might have called, texted, been in photos, arranged meetings, sent letters etc that were stored on a compromised endpoint there will have been data leakage but this is far from a “Pakistan hacked our (U.K.) phones” story.

      • Good post cheers Julian.

        Clearly not so obvious as a direct attack on supposedly secure phones but a more data mining sort of thing on the peripheries.

        • Well, it was a direct attack on the phones of victims in Pakistan, Afghanistan, India, Iraq, Iran and UAE. Presumably because the phones that were compromised had sensitive data on them info implies that at least some of them were presumably supposed to be secure by those countries’ standards.

          Whether that group of phones was chosen as a deliberate attack vector against UK/USA/etc information or whether the operation was specifically against the affected phones and any incoming information gathered was viewed as a collateral benefit we (the likes of you and I outside of the security bubble) will likely never know.

          • Course not. But I have every confidence GCHQ have it all in hand and are replying in kind ten times over.

  4. Let’s cut their contingent of the foreign aid budget.

    Use some of the money to help our own service personnel when they leave their service. The fact that we have veterans on the streets is appalling, and the treatment of both Ghurkas and Afghan interpreters has been horrendous. And we still have the PC lynch mob chasing British veterans for alleged crimes committed in Iraq, Afghanistan, and Ulster, whilst the real bad eggs still walk among society? Of course, it’s okay for the IRA to blow something up, but if a British soldier shoots someone for running away? Lock him up! These men need our full support for their service, not continued questioning over previous events.

    And then we have the response to Hurricane Irma (which our armed forces played a fantastic role) which was at first, found wanting. Let’s remember, many of the territories affected were British Overseas Territories or Commonwealth realms. We should -and must- support them. And despite this, and the troubles facing our veterans, we can find millions for corrupt overseas nations? Absolutely abhorrent.

    Aid acts as a crucial part of our soft power – particularly humanitarian aid; which is extremely visible on the world’s stage. But you have to as yourself; shouldn’t we protect our own first?

    • Another good post.

      But Lusty. That is the whole point of PC is it not? Since when does protecting or putting your own first ever come into it when in fact belittling your own while emphasising the needs and requirements of others is PC in a nutshell.

      There really needs to be open national debate on this, maybe a referendum? Oh wait!

      • Well pardon my French, but sod PC.

        I fully agree that we need to continue with overseas aid in all its forms. It significantly helps us with our soft power as I mentioned, and will play a key role in continuing to develop ‘Global Britain’.

        But that said, I do feel we must be more stringent on who receives our aid. Our own ruling and the international ruling must change. I mean, And prior to Irma, we couldn’t even use our aid budget for our Caribbean territories in the event of a disaster!

        Responding to natural and humanitarian disasters is a no-brainer; but funding corrupt governments and projects within their country? No thanks. In my opinion, we should use their earmarked money for UK development projects – both at home and in our overseas territories, veteran support, and increased funding for the armed forces.

        We must break this mantra we have of criticising our own and our history. It’s in the past, we can’t change it – but we can learn from it. If these PC Wombles want true equality, then they must realise that British and Foreign citizens must be treated equally when it comes to this – and those that have served our nation must have the support they need.

        I agree that there should be a national debate on this, but a referendum? Well, our political parties like to turn them into an unnecessary shit storm – so let’s leave it at a debate eh? 😛

        • The referendum bit was tongue in cheekbone my part.

          I mean, look at the current crap underway.

          I trusted that vote, I proudly voted leave and I have no faith Whatsoever that the government will carry out my wishes.

  5. Pakistan belongs to China now ,cut ties with that backwards country and fully align ourselves with India, if they can sort their internal issues out they’ll be the only economic and military counter to China in Asia at least in terms of available manpower and industrial capacity. That being said they’ve got a long way to go before they can realise their potential

    • In India the Hindu people need to understand Christianity should be encouraged and in China the communist government need to understand Christianity needs to be encouraged. Happy days!

  6. Its far more serious than any attack on military cyber / data … they were after the English Test team tactics and ground information and why they beat us by 9 wickets …

    Now THAT is serious ….

LEAVE A REPLY

Please enter your comment!
Please enter your name here