JERUSALEM (AP) — The Israeli military on Sunday said it has thwarted an attempt by the Hamas militant group to hack soldiers’ phones by posing as young, attractive women on social media, striking up friendships and persuading them into downloading malware.
Lt. Col. Jonathan Conricus told reporters that the phones of dozens of soldiers had been infected in recent months, although he said the army detected the scam early on and prevented any major secrets from reaching the Islamic militant group.
“We do not assess there is any significant breach of information,” the military spokesman said.
Conricus said this was the third attempt by Hamas to target male soldiers through fake social media accounts, most recently in July 2018. But he said this latest attempt was by far the most sophisticated.
He said Hamas used a number of social media platforms, including WhatsApp, Facebook, Instagram and Telegram, to make contact with unsuspecting soldiers. Posing as young women on social media, the group struck up friendships with the soldiers, sending photos, texts and voice messages to them.
The “women” claimed to be new immigrants to explain their poor Hebrew, and even claimed to be deaf or hard of hearing as an excuse for texting, instead of speaking directly on the phone, Conricus said. The profiles appeared on multiple platforms, and he said the photos were disguised to make it difficult to “reverse track” them, giving the accounts additional authenticity.
“We see that the level of social engineering is much higher and much more advanced and sophisticated when compared to previous attempts done by Hamas,” he said. “We see that they’re of course learning and upping their game.”
Eventually, they sent the soldiers links to “seduce” them into downloading what they said was a Snapchat-like app to exchange photos that could quickly disappear, Conricus said. In reality, the links were to three malware programs — Catch&See, ZatuApp and GrixyApp — that allowed Hamas to gain access to the soldiers’ phones.
He said it was “very clear” that Hamas was behind the effort. He said the malware linked to known Hamas servers and at least one of the profiles had been used in a previous Hamas scam. There was no immediate comment from Hamas
Conricus declined to say how many soldiers had been targeted. But he said that dozens had downloaded the malware. He said soldiers had reported the suspicious activity relatively early on, allowing the army and the Shin Bet internal security service to monitor their phones. It is now in the process of removing the malware, he said.
Israel and Hamas, an Islamic movement that seeks Israel’s destruction, are bitter enemies that have fought three wars and numerous skirmishes since the group seized control of the Gaza Strip in 2007.
The enemy sides have been holding indirect talks through Arab and U.N. mediators aimed at reaching a long-term truce under which Israel would ease a blockade on the Gaza Strip in exchange for Hamas assurances to maintain quiet.
But low-level fighting has persisted. Early Sunday, Israel carried out a number of airstrikes on Hamas targets in Gaza in response to the firing of two projectiles from Gaza into southern Israel. No casualties were reported on either side.
Related: Israel Bombs Hamas Cyber HQ in Response to Cyberattack
Related: Hamas-Linked Threat Actor’s Infrastructure Disrupted
