The IDF on Wednesday revealed that it had uncovered a months-long effort by a network of Hamas terrorists to steal intelligence by posing online as attractive women and contacting soldiers in the hopes of installing Trojan horse spyware on their smartphones.
The ruse involved members of the terror group approaching soldiers on social media platforms and trying to convince them to download chat applications that contained malicious software.
Following reports by several soldiers of suspicious online activities, a joint IDF and Shin Bet operation was opened. Lasting several months, “Operation Hunter’s Network” identified dozens of Hamas accounts which operated with false or stolen identities with the intent to extract classified information from both regular and reserve IDF soldiers.
According to senior Military Intelligence officials, these enemy accounts would reach out to IDF soldiers online, sometimes in romantic ways, and asked them to download applications that compromised their cell phones, infecting them with advanced technological viruses.
Applications used by Hamas included Wowo Messenger, SR Chat, and YeeCall Pro.
Once the virus was on the phone, the honeypot would then stop answering any messages sent by the IDF soldiers, but the virus would remain on the phone, giving Hamas operatives access to all pictures, the soldier’s location, text messages (including the history of sent messages), and contacts. The virus also had access the phone’s camera and microphone, taking pictures and recording conversations without the soldier knowing, as well as the ability to download hidden applications so if the application with the virus would be deleted, the phone would remain compromised.
Following the operation the IDF concluded that the army must raise the public’s awareness about the threat and adopt stricter guidelines in order to thwart the enemy’s plans.
Military Intelligence also released new, more cautious, guidelines for the use of social networks by IDF soldiers: only confirming friendship requests from people one knows personally, not uploading any classified information to social networks, and only downloading applications from the original App Store (rather than downloading applications from links).
The IDF has urged all soldiers, including reserve soldiers to adhere to the new guidelines and to report to their commanders and security officials if they feel that their phone may have been compromised.