How could hundreds of Hezbollah pagers explode at the same time?

For specialists, an overheating of the battery would not be enough to trigger such detonations: explosive charges were probably added to the pagers used by the Lebanese Islamist movement. It remains to be determined when.

They were carrying small bombs in their pockets without knowing it. Hundreds of beepers (radio communication devices) used by Hezbollah exploded simultaneously across Lebanon on Tuesday, September 17, killing at least twelve and injuring nearly 2,800 members of the Lebanese Islamist movement and their relatives, according to the Lebanese Ministry of Health.

How could such an event have happened? The number and timing of the explosions cast doubt on the idea of ​​a technical problem. Hezbollah quickly accused Israel of being “fully responsible” of what is presented as a coordinated attack. But is such an attack possible, and how?

Since we are talking about electronic communication devices, the theory of hacking was quick to emerge. Speaking to franceinfo, Yehoshua Kalisky, a researcher at the Israeli Institute for Security, mentioned, among other things, the possibility that particular radio waves could have been used to overheat the batteries of the pagers, to the point of making them explode. An idea that is all the easier to imagine since lithium-ion batteries like those in electric vehicles sometimes catch fire unexpectedly.

But many experts say the explosions, some of which have been caught on camera, are far too violent to have come from the battery alone. When it overheats, a lithium-ion battery typically starts by emitting smoke and catching fire for a short time before actually exploding, as seen in several videos on the subject. Samsung’s Galaxy Note 7 smartphone was recalled in 2017 because its batteries could catch fire and explode, but no one was killed and injuries were limited – even though a smartphone battery is much larger than a pager’s battery.

“I can’t really imagine a lithium battery exploding and killing someone. Third-degree burns, okay.”Kyle Wiens, head of iFixit, an organization specializing in components and repairability of electronic devices, told specialist website 404 Media. “The size and power of the explosion show that it was not just the battery”also esteemed by the New York Times Mikko Hypponen, IT security expert and advisor to Europol.

The theory favored today by many experts is that of a “supply chain attack” : an attack on the supply chain, i.e. a modification or exchange of the devices during their manufacture or at a stage of their delivery. An explosive charge that could be activated remotely using a specific signal would then have been integrated into the pagers.

The complexity of such a modification is not insignificant. In addition to the explosive charge, the beeper must be able to detect the message and send the signal to the explosive, which requires at least additional components and electrical cables, underlines “MG”, pseudonym of a specialist in computer hardware and lithium battery testing, on the X network. A signal capable of detonating the desired devices at the same time is also required.

If this hypothesis is valid, the question remains: when the addition of the explosive charge took place: directly in the factory responsible for manufacturing? Was the explosive charge added to the devices in transit? Or were the original beepers exchanged for booby-trapped devices during delivery?

An unnamed Hezbollah official told the Associated Press that the beepers were from a brand the group had not used before: Gold Apollo. The Taiwanese group that owns the brand said Wednesday that the devices that exploded were produced and sold by a partner company, BAC Consulting, based in Hungary. “Our company only provides authorization to use the brand and is not involved in their design and manufacturing. (…) The design and manufacturing of the products are the sole responsibility of BAC”Gold Apollo assured in a statement. BAC Consulting is registered in Budapest, but it officially has only one employee, and the official address is a simple mailbox with no physical presence, according to AFP.

Israel, which has been blamed by Hezbollah, has not made the slightest comment on the event, but the hypothesis of an operation carried out by the Hebrew state has been confirmed by American officials and other countries, cited anonymously by several American media outlets, including the New York Times and CNN.

According to the American daily, the pagers were intercepted and modified before reaching Lebanon. “The explosive material, between 30 and 60 grams, was implanted next to the battery of each pager”as well as a detonator that can be triggered remotely, according to unnamed officials cited by the New York TimesA source close to the Lebanese team told AFP that “The beepers that exploded are from a shipment of 1,000 devices recently imported by Hezbollah”which appear to have been “hacked at the source”According to the American daily, the explosive charge was triggered by a message received at 3:30 p.m. (local time), presented as having been sent by the leadership of Hezbollah.

The hypothesis of a bomb placed in advance is all the more credible because there are precedents. In 1996, Yehia Ayache, one of Hamas’s main bomb makers, was killed when his phone exploded, booby-trapped in advance by Israel. The NSA, a US intelligence agency, has also intercepted computer deliveries, but to add spying tools, according to documents transmitted in 2013 by former employee Edward Snowden to the German newspaper The Mirror.