IDF foils another Hamas honeypot attempt

Written by on July 4, 2022

The IDF has uncovered and foiled yet another Hamas network posing as young women on social networks in order to honeypot IDF soldiers in order to access as much information and intelligence on the military that they can.

The fake accounts that were identified as Hamas operators were Hodaya Shetrit, Racheli Benisti and Adina Goldberg.

The seemingly innocent profiles approached Israelis over the past month on Telegram and various social networks that dealt with soccer and dating and tried to implant spyware under the guise of a puzzle app.

“The profiles corresponded with soldiers in order to establish a connection that would allow them to take the next step and entice them to download a game, which would later turn out to be a malicious attack tool,” a senior officer in Military Intelligence was quoted by the IDF as saying.

Screenshot of Hamas run profile made to target Israelis and install malware. (credit: IDF SPOKESPERSON UNIT)

“The profiles corresponded with soldiers in order to establish a connection that would allow them to take the next step and entice them to download a game, which would later turn out to be a malicious attack tool.”

Senior Israeli military officer

The app would allow the attacker, Hamas, to gain almost complete control over the soldier’s device. It would then be used to gather critical information and even track the soldier.

The network was identified after a soldier reported a suspicious conversation that he had with someone on Telegram. 

What happens now?

Following the report, an operation dubbed “The end of the Game” began by a joint team made up of the Shin Bet internal security agency, the Information Security Division in the IDF as well as the Spectrum and Cyber Defense Division. 

The operation by the various bodies was conducted in the General Staff monitoring center that was recently opened in the Information Security Division which is responsible for detecting, identifying and exposing various cyber threats against soldiers and military assets using advanced technological means.

“This is comprehensive cooperation of a number of security bodies inside and outside the military, through which many attempts to penetrate soldiers’ phones were thwarted, without them noticing,” the IDF said.

The Israeli military has thwarted several similar attempts by Hamas to honeypot troops in recent years.

Two years ago, the phones of hundreds of soldiers, including combat soldiers, were compromised. The IDF thwarted the attempt by the Gaza-based terror group in an operation they called “Rebound.”

In that attempt, Hamas was said to have improved their attack plan and used new platforms like Telegram alongside platforms like Instagram, Facebook and Whatsapp. The group also sent voice messages in an attempt to make the enemy account sound more believable.

The military identified six main characters used by Hamas, many of whom presented themselves as new immigrants to Israel with hearing or vision problems to explain for their less-than-fluent Hebrew.

In addition to using the same characters on various platforms to boost its credibility, Hamas is said to have edited the pictures of the characters, making it more difficult to find the original source of the picture.

How did the virus help Hamas?

Once on the phone, the virus would give Hamas operatives control over all aspects of the phone, including pictures, the soldier’s location, text messages and the soldier’s contact list.

The virus would also have access to the phone’s camera and microphone, taking pictures and recording conversations remotely without the soldier knowing. The group also was able to download and transfer files and have access to the phone’s GPS allowing them to know the infected device’s location.

Is this a pattern?

The IDF believes that Hamas and other terror groups will continue with similar attempts.

 “We are closely monitoring the enemy, and as soon as we see fit, we will thwart it and impair its capabilities. It should be understood that this is an ongoing mission, in which we will continue to act at all times to disrupt enemy capabilities,” the IDF said.

Following the latest attempt, the military has reiterated to soldiers to follow the IDF’s cautious guidelines for the use of social networks by soldiers: only confirming friendship requests from people one knows personally, not upload any classified information to any social network, and to only download applications from the original App Store (rather than downloading applications from links).

The military has also recommended that if a soldier is approached by a stranger online be aware that it might be an attempt to honeypot them, especially if the suspicious individual is unable to meet in person. 

The IDF has urged all soldiers, including reserve soldiers, to report to their commander and security officials if the suspicious individual asks them to download applications and if they feel that their phone may have been compromised.

Originally posted =>


Reader's opinions

Leave a Reply

Your email address will not be published. Required fields are marked *



TM OF JC

House of Prayer

Current track

Title

Artist

Current show

Praise and Worships Time

5:20 am 11:59 am

Current show

Praise and Worships Time

5:20 am 11:59 am