SOCIAL MEDIA: IDF SOLDIERS UNWITTINGLY ALLOW HAMAS TO SPY ON ISRAEL

Military releases new details about Hamas 'honey trap' plot to hack Israeli soldiers’ phones

By Lilach Shoval, Reuters and Israel Hayom Staff

Israel Hayom
February 19, 2017

The cybersecurity company engaged by the Israel Defense Forces to help crack the Hamas 'honey trap' plot exposed last month has released a report about the security breach that includes new information. Hamas operatives had used fake social media profiles of alluring young women in order to entice IDF soldiers into downloading malware onto their mobile devices that would allow Hamas to collect information.

According to the report by Kaspersky Lab, released Thursday, the cyber attack is still in its initial stages and apparently ongoing. The report noted that the Hamas operatives behind the cyber plot were focusing mainly on soldiers and officers serving in and around the Gaza Strip, and that over 100 soldiers of various ranks had fallen prey to the attack, which turned the soldiers' personal Android mobile phones into spy machines for Hamas. The report said that the malware soldiers were tricked into downloading gave Hamas access to information about location, conversations, correspondence and also access to the devices' microphones and cameras. The attackers also managed to send out updates to the malware that increased their abilities to manipulate the users' smartphones.

The report said that after a victim was identified on Facebook, a fictitious profile of a young woman would tempt him into downloading a fake app granting the attackers user access. One version of the malware package included an invite to a fake YouTube app, while others offered fake messaging apps. Once the user downloaded one of the apps, the malware code would be installed on the device. One malware pack titled WhatsApp Update has been identified as having the ability to both execute commands on demand and conduct automatic data mining activity. Most of the data mining took place while the soldiers were using a wireless Internet connection.

The IDF discovered the scheme when soldiers began reporting other suspicious online activity on social networks and uncovered dozens of fake identities used to target the soldiers, he said.

The complaints led the IDF's Information Security Directorate to investigate the issue, with the duped soldiers' help. The soldiers were also ordered to reformat their phones, as this was the only sure way to remove the malware.

The IDF said all officers have been instructed to remind their soldiers of information security and social media use guidelines.

Current military guidelines already bar soldiers and officers in certain units, as well as officers holding the rank of lieutenant colonel and above, from disclosing any information about their service on social media. Following the recent events, it is expected that the directive will be expanded to include more units, as well as officers holding the rank of major.

One of the interesting points to come out of the report is that the IDF's Cyber Unit is cooperating with the civilian Kaspersky Lab. The IDF passed on the report about Hamas' cyber attacks on military phones to civilian firms working in the field of cyber defense, an IDF official told Channel 10 News.