Hamas militants tried to hack Israeli soldiers’ phones by posing as attractive young women


Hamas militants tried to hack Israeli soldiers’ phones by posing as attractive young women in sophisticated catfishing attack

  • Smartphones of dozens of soldiers were targeted by the Islamist militants
  • Terrorists posing as glamorous women sent texts, pictures and voice messages 
  • But Israeli military said it had detected the fake social media accounts early on
  • ‘We do not assess any significant breach,’ Lt. Col. Jonathan Conricus said today 

The Israeli military today said it had thwarted a honey trap phone hack by Hamas militants posing as glamorous young women on social media to seduce its soldiers.

Smartphones of dozens of soldiers were targeted by the Islamists, but the Israeli Defence Forces (IDF) said the catfishing was detected early and no major secrets were leaked by its men.

The terrorists attempted to seduce the men into downloading a Snapchat-like app where racy photos could be exchanged, but this was actually a malware virus which would steal data from the phones.

Lt. Col. Jonathan Conricus told reporters on Sunday: ‘We do not assess there is any significant breach of information.’

The Israeli Defense Forces tweeted this morning: 'Hamas created fake social media profiles, using photos including this one, in an attempt to hack the phones of IDF soldiers. What Hamas didn’t know was that Israeli intelligence caught onto their plot, tracked the malware & downed Hamas’ hacking system. #CatfishCaught'

The Israeli Defense Forces tweeted this morning: ‘Hamas created fake social media profiles, using photos including this one, in an attempt to hack the phones of IDF soldiers. What Hamas didn’t know was that Israeli intelligence caught onto their plot, tracked the malware & downed Hamas’ hacking system. #CatfishCaught’

A fake Facebook profile deployed by Hamas to lure Israeli soldiers into a honey trap designed to seduce them into installing malware on their phones

A fake Facebook profile deployed by Hamas to lure Israeli soldiers into a honey trap designed to seduce them into installing malware on their phones

A fake Facebook profile deployed by Hamas to lure Israeli soldiers into a honey trap designed to seduce them into installing malware on their phones

Conricus said this was the third attempt by Hamas to target male soldiers through fake social media accounts, most recently in July 2018. But he said this latest attempt was by far the most sophisticated.

He said Hamas used a number of social media platforms, including WhatsApp, Facebook, Instagram and Telegram, to make contact with unsuspecting soldiers.

Posing as young women on social media, the group struck up friendships with the soldiers, sending photos, texts and voice messages to them.

The ‘women’ claimed to be new immigrants to explain their poor Hebrew, and even claimed to be deaf or hard of hearing as an excuse for texting, instead of speaking directly on the phone, Conricus said.

The profiles appeared on multiple platforms, and he said the photos were disguised to make it difficult to ‘reverse track’ them, giving the accounts additional authenticity.

‘We see that the level of social engineering is much higher and much more advanced and sophisticated when compared to previous attempts done by Hamas,’ he said. ‘We see that they’re of course learning and upping their game.’

Eventually, they sent the soldiers links to ‘seduce’ them into downloading what they said was a Snapchat-like app to exchange photos that could quickly disappear, Conricus said.

In reality, the links were to three malware programs – Catch&See, ZatuApp and GrixyApp – that allowed Hamas to gain access to the soldiers’ phones.

The links were to three malware programs - Catch&See (pictured), ZatuApp and GrixyApp - that allowed Hamas to gain access to the soldiers' phones

The links were to three malware programs - Catch&See (pictured), ZatuApp and GrixyApp - that allowed Hamas to gain access to the soldiers' phones

The links were to three malware programs – Catch&See (pictured), ZatuApp and GrixyApp – that allowed Hamas to gain access to the soldiers’ phones

He said it was ‘very clear’ that Hamas was behind the effort. He said the malware linked to known Hamas servers and at least one of the profiles had been used in a previous Hamas scam. There was no immediate comment from Hamas

Conricus declined to say how many soldiers had been targeted. But he said that dozens had downloaded the malware.

He said soldiers had reported the suspicious activity relatively early on, allowing the army and the Shin Bet internal security service to monitor their phones. It is now in the process of removing the malware, he said.

Israel and Hamas, an Islamic movement that seeks Israel’s destruction, are bitter enemies that have fought three wars and numerous skirmishes since the group seized control of the Gaza Strip in 2007.

The enemy sides have been holding indirect talks through Arab and U.N. mediators aimed at reaching a long-term truce under which Israel would ease a blockade on the Gaza Strip in exchange for Hamas assurances to maintain quiet.

But low-level fighting has persisted. Early Sunday, Israel carried out a number of airstrikes on Hamas targets in Gaza in response to the firing of two projectiles from Gaza into southern Israel. No casualties were reported on either side.