Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Israel Accuses Hamas of Targeting Soldiers With World Cup App

Tel Aviv – Israeli military intelligence on Tuesday accused Hamas hackers of creating a World Cup app and two online dating sites to tempt soldiers into downloading spyware onto their phones.

Tel Aviv – Israeli military intelligence on Tuesday accused Hamas hackers of creating a World Cup app and two online dating sites to tempt soldiers into downloading spyware onto their phones.

Briefing journalists at national defence headquarters in Tel Aviv, army intelligence officers said the scam by members of the Palestinian Islamist movement that runs the Gaza Strip failed to damage military security.

“No damage was done, as we stopped it in time,” one of the officers said, with the military’s response codenamed “Operation Broken Heart”.

But he said the attempt showed the Islamist militants had adopted new tactics since a similar attempt was revealed in January 2017.

The emphasis then was solely on the dating game, with the hackers posing online as attractive young women seeking to lure men in uniform into long chats.

This time the traps were aimed at both sexes and there was the additional bait of World Cup action with an app offering “HD live streaming of games, summaries and live updates”.

Attackers used stolen identities to create more convincing fake Facebook profiles of young Israelis, written in fluent Hebrew studded with current slang.

“What Hamas is bringing to the table is a very good knowledge of our young people and their state of mind,” another officer said. Asked how he could be sure Hamas was behind the online offensive, he declined to say but insisted there was no doubt.

Advertisement. Scroll to continue reading.

The assailants uploaded their custom-built Golden Cup, Wink Chat and Glance Love applications to the Google Store, to make them seem legitimate, according to the officers.

Using Facebook sharing and Whatsapp messages, they urged young men and women performing Israel’s compulsory military service to download the infected apps.

Once on the recipient’s phone, officers said, the device could be taken over to covertly take and send photographs, eavesdrop on conversations, copy stored files and pictures and transmit location details.

But in most cases, they said, soldiers did not download the apps and informed their superiors of their suspicions.

Google has since deleted the apps from its store, they added.

They said that awareness of the potential risk had soared since the army publicised the previous attempts.

“Thanks to the soldiers’ vigilance, Hamas’ intelligence infrastructure was exposed before it caused actual security damage,” army briefing notes said. Israel and Palestinian militants in Gaza have fought three wars since 2008.

In March 2016 a Palestinian from Gaza was charged with hacking into Israeli military drones.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.