The Israel Defense Force launched a campaign Tuesday to warn its soldiers about Hamas hackers who have been trying to install spyware on their phones via a World Cup app and two online dating sites. About 100 soldiers were duped into doing downloading the spyware, the IDF said, though it insisted no damage had been done to Israeli security.
The military said it had uncovered a plot by the Gaza-based terror group to spy on soldiers by befriending them on social media and then luring them into downloading fake applications it has created that give Hamas access to their smartphones — turning on the phone cameras and recording devices, and accessing the phones’ content.
Briefing journalists at national defense headquarters in Tel Aviv, IDF intelligence officers said over 100 soldiers had been affected by the scam organized by members of the Palestinian terror movement that runs the Gaza Strip, but added that the spyware failed to damage the country’s security.
“No damage was done, as we stopped it in time,” one of the officers said, with the military’s response codenamed “Operation Broken Heart.”
But he said the attempt showed the terror group had adopted new tactics since a similar attempt was revealed in January 2017.
The officer, speaking on condition of anonymity under military regulations, said the Hamas cyber-efforts to snoop on soldiers were a significant upgrade on previous attempts, since they could seize control of a phone’s contents, potentially acquiring classified information or compromising images that could be used to blackmail soldiers.
The military said the first two apps were called Glancelove and Winkchat, supposed dating apps. The third, Golden Cup, was filled with information about the World Cup taking place in Russia.
The photos used on social media to initially reach out to the soldiers belonged to real women whose photos and personal details were stolen from their Facebook profiles. Some were scantily clad and kissing each other. Conversations over Facebook and WhatsApp were conducted in everyday Hebrew from Israeli mobile numbers, and the military said those operating the accounts were not necessarily based in Gaza.
Attackers used stolen identities to create convincing fake Facebook profiles of young Israelis, written in fluent Hebrew studded with current slang. They then initiated flirtatious exchanges with their targets, before encouraging them to download the apps.
There was also additional bait of FIFA World Cup action with an app offering “HD live streaming of games, summaries and live updates.”
“What Hamas is bringing to the table is a very good knowledge of our young people and their state of mind,” another officer said.
Asked how he could be sure Hamas was behind the online offensive, he declined to say but insisted there was no doubt.
The assailants uploaded their custom-built Golden Cup, Wink Chat, and Glance Love applications to the Google Store, to make them seem legitimate, according to the officers.
Using Facebook sharing and WhatsApp messages, they urged young men and women completing compulsory military service to download the infected apps.
Once one of the apps was on the recipient’s phone, officers said, the phone could be taken over to covertly take and send photographs, eavesdrop on conversations, copy stored files and pictures, and transmit location details.
In most cases, the officers said, soldiers did not download the apps and in many cases informed their superiors of their suspicions.
Google has since deleted the apps from its store, they added.
They said that awareness of the potential risk had soared since the army publicized the previous attempts.
“Thanks to the soldiers’ vigilance, Hamas’ intelligence infrastructure was exposed before it caused actual security damage,” army briefing notes said.