Honeytraps used to infect Israeli soldiers’ smartphones with spyware

Graham Cluley

Honeytraps used to infect Israeli soldiers' smartphones with spyware

Honeytraps used to infect Israeli soldiers' smartphones

I’ve often said that the biggest vulnerability lies in users’ brains, not in the software they’re running on their computers or smartphone. It only takes one unwise decision for a security breach to take place.

And that’s certainly going to be the case if you’re thinking with what’s in your trousers rather than your brain.

As local media reports, the Israeli Defence Force (IDF) say that their troops have been targeted by a Hamas scheme which aims to trick users into installing a malicious spyware app onto their smartphones.

And how do the attacker fool IDF’s soldiers? By creating bogus social networking profiles of young attractive women, and luring their targets into installing malware onto their devices with the promise of a video chat.

Hamas operatives would pose as attractive, young Israeli women by assuming their identities and making contact with soldiers, mainly through Facebook. Following contact with soldiers, the Hamas operatives would attempt to engage in an intimate virtual relationship and convince soldiers to download an “application” that would allow for video chatting.

The “application” was a Trojan horse, which gave Hamas total control over the device and allowed the terrorist organization to activate the camera and microphone, access contacts, videos and photos, and even Whatsapp conversations and emails—all without the soldier being aware.

Moreover, Hamas also managed to delete the application from the devices, while simultaneously installing more sophisticated monitoring and control applications without leaving a trace.

Android conversation with honeytrap

Even if troops could not be convinced to install a malicious app, it’s simple to picture how an intimate virtual relationship could develop and targets could be tricked into sharing sensitive information.

The damage done by the attack is said to be “minimal”, but according to reports Hamas acquired images of Israeli offices, tanks, armoured vehicles, and soliders’ location in the border area. It’s easy to imagine how such an attack could steal a great deal of sensitive information if not noticed for a long period of time.

There are a few lessons to learn here:

  • Just because someone has a cute picture on their social networking profile, does not mean that’s what they really look like. They could be someone else entirely – and indeed of a different sex.
  • Always be extremely wary of installing apps from non-official sources. Generally, the apps you find in the official Google Play store or iPhone app store are less likely to be intentionally malicious.
  • Maybe it’s not such a good idea to identify yourself as a serving member of the military on social media, or to strike up relationships with strangers online.

Oh, and think with your head – not with your trousers.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

2 Replies to “Honeytraps used to infect Israeli soldiers’ smartphones with spyware”

  1. Just like another old story of an Israelite warrior (Samson) and a fetching lass from Gaza (Delilah). And the lessons still hold.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.