Comment by edm0nd 3 days ago

31 replies

These pagers were 100% a supply chain attack. Intercepted and modified with small explosives embedded in them or swapped the entire shipment out with ones with small explosives in them.

There is no possibility these explosions are from battery overloads via an exploit or firmware hack.

spidersenses 3 days ago

> or firmware hack.

There's still the question of how the explosive capsule would have been triggered. It couldn't just explode at the first incoming call. There must be more to that.

  • ajsnigrutin 3 days ago

    The microcontrollers inside the pagers probably have a spare GPIO pin, so they'd just have to modify the software and attach the detonating electronics to that GPIO pin.

    Since I'm supposedly "posting too fast", to answer the post below:

    > Just curious, is it possible to program the pins so that it triggers by wireless or satellite command? With that scale I don't think wireless is possible though.

    Technically it is, but requires additional electronics and antennas. It's much easier to just use the existing pager network and trigger when some specific message (or pager code) is detected. Paging networks are simple to implement.

    • tptacek 3 days ago

      It seems pretty plausible that the actual supply chain attack here would have been Israel subbing out whole shipping crates of pagers for sabotaged devices Israel manufactured itself, which would allow for arbitrary complex designs.

      • markus_zhang 3 days ago

        Maybe they bought a large quantity of pagers from the same supplier and modified beforehand? I think a few grams of high explosives is good enough.

    • markus_zhang 3 days ago

      Just curious, is it possible to program the pins so that it triggers by wireless or satellite command? With that scale I don't think wireless is possible though.

      • londons_explore 3 days ago

        The pager is already wireless. So adding functionality to trigger wirelessly (over the phone network) is trivial. And it can trigger only with a special message.

        • markus_zhang 3 days ago

          Yeah you are probably right. I'm an electronics newbie and don't know exactly how pagers work in wireless. I'm going to read some material on it.

    • markus_zhang 3 days ago

      Thanks, I wonder how one does that. I'll probably need to read how pagers work.

  • svnt 3 days ago

    My best guess is explosively formed penetrator in the display.

    I don’t think wholesale replacement of the pagers was likely to work for a number of reasons.

    They had to go one step up the supply chain.

    The EFP display could be set to trigger on a certain message, or even the clearing of a certain message, which in devices without said display would do nothing.

    The display is most likely to be pointed at the user’s face, or opposed to their waistline (EFPs sort of fire both ways but in one axis).

    The battery, if it were a cylinder as would be likely, would fire tangentially, likely not hitting much.

    A prismatic battery would make a good place for an EFP but difficult to interface with and likely requires a second compromised component.

    • hinkley 3 days ago

      Theory: A prismatic battery with an explosive core and an electronic fuse swapped to trigger the explosive instead of disconnect the battery. Firmware change to short the battery. No visible signs of tampering even in iFixit-like conditions.

      • svnt 3 days ago

        The best evidence we have now suggests that the devices used had removable (AAA) batteries, not built-in batteries.

        If I was buying pagers and had previously been hit by intelligence ops I would be buying batteries in random supermarkets.

      • rolux 3 days ago

        What would happen if you walked through airport security with such a device?

        • svnt 2 days ago

          Nothing, they aren’t looking for 2”x1” sheets of copper within electronic devices, and presumably the thin layer of explosives would be sealed and washed.

  • emiliobumachar 3 days ago

    Might be a hardcoded date and time. Does the legit pager messaging network give the time? If not, continually powered digital clocks drift slowly.

barbazoo 3 days ago

> These pagers were 100% a supply chain attack.

What did you base that on, though? 100% is pretty confident.

  • rdtsc 3 days ago

    Batteries are not magic unknown technology. People who understand their chemistry can confidently say things like that.

    • barbazoo 3 days ago

      Dunning-Kruger effect comes to mind again.

      • rdtsc 3 days ago

        How do you mean? I am trying to understand what you're saying, it seems you mean that people on HN only _think_ they understand how battery technology works saying this is impossible, but in reality they have no idea, and it's trivial to make an explosive device like out of pager batteries?

  • edm0nd 3 days ago

    Simple logic and science. Batteries do not cause forceful explosions like we've seen today. These pagers were intercepted and implanted with explosives (or entire load swapped with pre-made malicious ones) and then allowed to continue on to their destination. Thus I can say with 100% confidence that this was a supply chain attack.

sroussey 3 days ago

Likely, there are many many more of them out there, just did not fall into the dragnet of phone numbers that were set to activate.

  • s1artibartfast 3 days ago

    How do you judge that likely? It seems just as possible if not more that it was a single lot purchased by Hezbollah for Hezbollah.

  • meaydinli 3 days ago

    I'd guess anybody with a pager in that part of the world dumped theirs as soon as they heard what happened.

  • londons_explore 3 days ago

    I bet lots of people with that model of pager are now ripping them open to check for explosives. If we don't see pictures of unexploded ones, then I'd guess they were all triggered, and the only ones we might see are devices that were turned off at the time.

    • sroussey 3 days ago

      Agreed. Will be interesting if there is a teardown or not.