Over 3,000 pagers and hundreds of two-way radios exploded this week, causing about 40 fatalities and wounding thousands of Hezbollah operatives in Lebanon and Syria. The pagers exploded after receiving a coded message in Arabic that triggered the explosion after a short delay, thus maximizing the damage when users picked up the devices to read the messages appearing to come from Hezbollah leadership. The operation was executed on the afternoon of Tuesday, September 17, 2024, and was followed by the activation of hundreds of booby-trapped walkie-talkies the next day.

A senior Lebanese source said the devices had been modified “at the production level.” Such compromise could involve integrating an electronic board with explosive material that receives a code that triggers an explosive device hidden in the pager, integration of a primer mechanism activated by a similar code, triggering the batterie’s energetic lithium compound to explode, or replacing one or more of the batteries powering the device with alternative batteries containing PETN sheet explosives. The devastating effect requires a minute amount of explosives weighing only a few grams per device. Such action leaves no signature and can only be detected with a chemical or forensic lab examination.

Hezbollah imported the pagers from a supplier in Hungary five months ago. The compromised devices included pagers from several countries, including Brazil and Taiwan. At least one of the manufacturers indicated that the actual supplier of its branded devices was another company called B.A.C. Consulting. Operating from Budapest, Hungary, they allegedly produced the AR-924 pager model used by Hezbollah under license from Gold Apollo. This agreement allowed BAC to use Gold Apollo’s brand trademark for product sales in certain regions. The partnership had been in place for three years. Israel allegedly began shipping these pagers to Lebanon in small numbers in the summer of 2022 and then ramped up production with the growing demand. Shipments of pagers increased over the summer, with thousands distributed among Hezbollah officers and allies.

A day after the pagers attack, more communications devices and electronic devices also exploded in Lebanon. This time, they were ICOM’s IC-V82 two-way hand-held radios used by Hezbollah operatives, including the elite Radwan Unit members.

Unlike the newly delivered pagers, these radios have been used for years, and their production ceased a decade ago. This has required attackers to employ different attack vectors for renewable elements in the supply chain. According to Icom, production of the batteries needed to operate the radio has also been discontinued, requiring users to turn to alternative suppliers. Since compromised rechargeable batteries seem to be the perpetrator of all attacks, this vector appears to be the most likely attack vector used in this operation.

This isn’t the first time foreign powers have exploited Iranian supply chain vulnerabilities. In 2023, Iran announced it had successfully thwarted a significant sabotage operation orchestrated by Mossad to infiltrate defective components into its missile production supply chain. The plan involved introducing faulty parts into the production lines, which could have turned operational missiles into dangerous explosives targeting industrial facilities and personnel.

Whatever vector was used, it achieved the goal of eliminating a substantial part of the organization’s command network by physically hitting on personnel and denying the use of communications channels at a critical time, as an Israeli attack seemed imminent.