A few weeks ago there was news that Hamas was using social engineering techniques to fool IDF soldiers into downloading malicious software on their phones by pretending to be European women.
It turns out that the software is more sophisticated than previously thought, but it is still something that Hamas could possibly have done.
Security firm Kaspersky, working with the IDF, analyzed the malware.
Israel HaYom reports:
The cybersecurity company engaged by the Israel Defense Forces to help crack the Hamas 'honey trap' plot exposed last month has released a report about the security breach that includes new information. Hamas operatives had used fake social media profiles of alluring young women in order to entice IDF soldiers into downloading malware onto their mobile devices that would allow Hamas to collect information.
I find it interesting that the IDF is cooperating with Kaspersky. Kaspersky is widely believed to be close to Russian intelligence.
According to the report by Kaspersky Lab, released Thursday, the cyber attack is still in its initial stages and apparently ongoing. The report noted that the Hamas operatives behind the cyber plot were focusing mainly on soldiers and officers serving in and around the Gaza Strip, and that over 100 soldiers of various ranks had fallen prey to the attack, which turned the soldiers' personal Android mobile phones into spy machines for Hamas. The report said that the malware soldiers were tricked into downloading gave Hamas access to information about location, conversations, correspondence and also access to the devices' microphones and cameras. The attackers also managed to send out updates to the malware that increased their abilities to manipulate the users' smartphones.
The report said that after a victim was identified on Facebook, a fictitious profile of a young woman would tempt him into downloading a fake app granting the attackers user access. One version of the malware package included an invite to a fake YouTube app, while others offered fake messaging apps. Once the user downloaded one of the apps, the malware code would be installed on the device. One malware pack titled WhatsApp Update has been identified as having the ability to both execute commands on demand and conduct automatic data mining activity. Most of the data mining took place while the soldiers were using a wireless Internet connection.