by

Cybersecurity firm reveals Hezbollah-linked hack of hundreds of global companies

ClearSky Cyber Security confirmed that ‘Lebanese Cedar’, the cyber unit of Hezbollah, has been behind hundreds of cloud and hosting provider hacks

James Spiro 16:0028.01.21

Israeli cybersecurity firm ClearSky Cyber Security has revealed a new report alleging that Lebanese Cedar, the cyber unit of Hezbollah, has successfully hacked the servers and databases of hundreds of companies around the world.

The report, which labels Lebanese Cedar as an APT (Advanced Persistent Threat), explains that the terrorist group focussed primarily on telecommunications and ISPs. ClearSky Cyber Security has deduced that the attacks gathered intelligence and stole company databases containing sensitive data. It can also be assumed that the call records and private data of clients from these telecommunications companies were exposed, as well.

Boaz Dolev, CEO of ClearSky Cyber Security. Photo: Israel Hadari

“This group successfully worked under the radar for a long time, while getting control of critical databases and stealing valuable information,” explained Boaz Dolev, CEO of ClearSky Cyber Security. “Telecommunication providers worldwide are a prime target for attackers in search for sensitive data.”

The report found 250 servers that were breached by Lebanese Cedar, with the primary victims being Oracle and Atlassian WEB servers. Targeted countries included Israel, the US, the UK, Egypt, Jordan, Lebanon, and the Palestinian Authority.

Lebanese Cedar is a stealth threat actor that ClearSky Cyber Security believes has been active for more than eight years. It identified the recent operations to the organization based on some of the code that overlaps between 2015 variants of the Explosive RAT and Caterpillar WebShell, which were identified at both attacks.