Hamas has been accused of running a sophisticated spyware operation designed to trick Israeli Defense Force (IDF) soldiers into downloading malicious apps.
Hundreds of IDF troops have been contacted by alleged fake profiles on social networking sites in what the military is dubbing Operation Broken Heart.
After building up a rapport with the soldier on WhatsApp, the ‘woman’ in question then typically sends them a link to download a convincing looking but malicious app.
These included dating apps with names like GlanceLove and ones featuring goals and live scores from the World Cup, such as Golden Cup.
One suspicious-looking profile which nevertheless had an Israeli number attached, belonged to a ‘Lina Kramer’ and was discovered in January. Those behind the campaign often try to cover up broken Hebrew by saying they’re immigrants, the IDF claimed.
“Not long after the first attacker approached us, we’d already begun receiving dozens of reports from soldiers about suspicious figures and apps on social networks,” said ‘Colonel A,’ head of the IDF Information Security Department.
“Upon investigating the reports, we uncovered hostile infrastructure that Hamas tried to use to keep in contact with IDF soldiers and tempt them to download apps that were harmful, and use the soldiers to extract classified information.”
The apps are said to be loaded with Trojan malware capable of switching on the mic and camera, accessing photos, phone numbers and email addresses of soldiers operating near the Palestinian border, and even gathering info on military bases.
The IT security department of the Israeli military has updated its guidance for soldiers in light of Broken Heart and is reportedly also sending fake messages to soldiers in a bid to raise awareness of the dangers of clicking on links from virtual strangers.