On Thursday, Lebanon's intelligence service was reportedly accused of hacking into the smartphones of thousands of Android phone users, monitoring individuals' devices and data without consent, according to Reuters.
A report published by Lookout, a mobile security film, in collaboration with Electronic Frontier Foundation (EFF), a digital rights group, claims Lebanon's General Directorate of General Security (GDGS) ran more than 10 campaigns since 2012 aimed at Android users in 21 countries.
The state-backed hackers - dubbed "Dark Caracal" - tricked individuals into downloading fake versions of encrypted messaging apps, including Whatsapp and Telegram, giving hackers full access to their devices.
No evidence was found with regards to hacking of Apple phone users.
"The malware, once installed, could do things like remotely take photos with front or back camera and silently activate the phone’s microphone to record conservations," researchers said, according to Reuters.
The researchers behind the report said the stolen data includes nearly half a million intercepted text messages, documents, photos, audio and the like, according to Annahar.
"It’s almost like thieves robbed the bank and forgot to lock the door where they stashed the money,” said Mike Murray, Lookout’s head of intelligence, according to Annahar.
The main targets of the cyber attacks are government officials, military targets, utilities, and financial institutions.
The victims of the attacks were mostly located in Lebanon, with some in Syria, Saudi Arabia, Russia, China - to name a few.
The researchers also found evidence linking the servers used for the attacks to a General Directorate for General Security (GDGS) office in Beirut.
The report added that "the internet protocol addresses of the spyware’s control panels mapped to an area just south of the GDGS building."
The suspected devices all seemed to have connected to a Wi-Fi network active at the site of Lebanon's security headquarters, according to The Telegraph.
However, the researchers cannot confirm 100% that GDGS is fully responsible for the hacking.
"General Security does not have these type of capabilities. We wish we had these capabilities," said Major General Abbas Ibrahim, director general of GDGS, when asked for comment by Reuters.