Honeytraps used to infect Israeli soldiers' smartphones with spyware

Attention!

Honeytraps used to infect Israeli soldiers' smartphones

I've often said that the biggest vulnerability lies in users' brains, not in the software they're running on their computers or smartphone. It only takes one unwise decision for a security breach to take place.

And that's certainly going to be the case if you're thinking with what's in your trousers rather than your brain.

As local media reports, the Israeli Defence Force (IDF) say that their troops have been targeted by a Hamas scheme which aims to trick users into installing a malicious spyware app onto their smartphones.

And how do the attacker fool IDF's soldiers? By creating bogus social networking profiles of young attractive women, and luring their targets into installing malware onto their devices with the promise of a video chat.

Hamas operatives would pose as attractive, young Israeli women by assuming their identities and making contact with soldiers, mainly through Facebook. Following contact with soldiers, the Hamas operatives would attempt to engage in an intimate virtual relationship and convince soldiers to download an "application" that would allow for video chatting.

The "application" was a Trojan horse, which gave Hamas total control over the device and allowed the terrorist organization to activate the camera and microphone, access contacts, videos and photos, and even Whatsapp conversations and emails—all without the soldier being aware.

Moreover, Hamas also managed to delete the application from the devices, while simultaneously installing more sophisticated monitoring and control applications without leaving a trace.

Android conversation with honeytrap

Even if troops could not be convinced to install a malicious app, it's simple to picture how an intimate virtual relationship could develop and targets could be tricked into sharing sensitive information.

The damage done by the attack is said to be "minimal", but according to reports Hamas acquired images of Israeli offices, tanks, armoured vehicles, and soliders' location in the border area. It's easy to imagine how such an attack could steal a great deal of sensitive information if not noticed for a long period of time.

There are a few lessons to learn here:

  • Just because someone has a cute picture on their social networking profile, does not mean that's what they really look like. They could be someone else entirely - and indeed of a different sex.
  • Always be extremely wary of installing apps from non-official sources. Generally, the apps you find in the official Google Play store or iPhone app store are less likely to be intentionally malicious.
  • Maybe it's not such a good idea to identify yourself as a serving member of the military on social media, or to strike up relationships with strangers online.

Oh, and think with your head - not with your trousers.

Tags: , , , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , , , ,

2 Responses

  1. John

    January 12, 2017 at 3:43 pm #

    Honeypots, not honeytraps

  2. Moshe

    January 13, 2017 at 1:55 pm #

    Just like another old story of an Israelite warrior (Samson) and a fetching lass from Gaza (Delilah). And the lessons still hold.

Leave a Reply