Dozens of Israeli soldiers were tricked by Hamas into installing malware on their phones and computers via an old ruse: messages from young women looking for companionship.
Investing in security solutions is always a good idea, but what’s the point when users voluntarily install malware on their phones and PCs? As usual, when given the opportunity, it looks like some people will make the wrong choice, underlining the fact that humans remain the weakest link in most attack cycles.
Soldiers were contacted online and offered photos of young women trying to pass as immigrants, with a limited understanding of Hebrew. The end goal was to persuade soldiers to install an app that would supposedly allow them to share photos.
According to a BBC report, it was actually an app that allowed Hamas to spy on Israeli soldiers. If the victim installed the app, attackers would get access to their location, pictures and contacts. It would also be possible to take photos and make recordings without the victim’s knowledge.
The Israel Defense Forces (IDF) found about Hamas’ attempt early on but decided to let it continue to determine the extent of the breach. The purported surveillance was eventually shut down, and the IDF said there was no significant breach of information.
Not surprisingly, this is just the latest development in a continuous cyberwar. Last year, Israeli forces bombed a building that was presumably housing a hacking group working for Hamas.