Any technology user can fall victim to catfishing, even elite corps members. Multiple Israeli army troops suffered the hacking of their smartphones due to the installation of a malicious app. This is a common attack variant, although the medium used by attackers has caught the attention of the cybersecurity community.
According to an Israeli army spokesman, some members of the Palestinian armed group Hamas posed as women searching for online dating, using fake social media profile and with stolen photos to attract the attention of soldiers and then inviting them to download the malware-loaded app.
The spokesman added that the infected devices did not contain critical information, in addition that those devices were already secured by the Israeli army’s intelligence and cybersecurity team. Lt. Col. Jonathan Conricus later mentioned, “This is the third similar attack attempt detected in recent months, although it is also the most sophisticated so far.”
Conricus added that Hamas hackers posed as young women, using pictures taken from legitimate social media profiles and websites, as well as using the Hebrew language very poorly, posing as immigrants or claiming visual, hearing or even technological limitations, which proved convincing for the attacked soldiers.
After a while of chatting, the hackers sent links for the target soldiers to download a supposed secure photo sharing app; actually, what the soldiers downloaded was a malware to remotely access a mobile device. After they interacted with this malicious development, hackers managed to access multiple phone data, such as photos, contact list and location data.
According to Conricus, this Hamas plan was discovered months ago although they claim that intelligence efforts have not stopped to detect any other attempts of intrusion into Israeli army activities. It should be remembered that Hamas and Israel are in permanent conflict, so subsequent cyberattack attempts are likely to be reported.
Previously, the International Institute of Cyber Security (IICS) reported that Hamas was trying to attack Israeli soldiers using fake dating apps, loaded with a variant of spyware to fully access communications from some members of the military. This attack was also repelled by the Israeli army’s cybersecurity unit.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.