Posing as Young Women, Hamas Penetrates Soldiers' Phones; Israeli Army Steps Up Online Rules

Hamas has used fake identities, usually those of young women, often posing as wishing to make aliyah to Israel, to entice combat soldiers to be in contact with them.

The Israel Defense Forces says it has identified Hamas’ methods of using fake social networking profiles to penetrate soldiers’ cellphones and extract sensitive information.

Hamas has used fake identities, usually those of young women, often posing as wishing to make aliyah to Israel, to entice combat soldiers to be in contact with them. After the initial contacts, the soldiers are asked to download an application for video conversations. After the soldiers download the apps, the fake women disappear and cut off contact with the soldiers.

Dozens of soldiers have fallen prey to these tactics, including a number of officers in the professional military who thought they were meeting young women – but in reality they were Hamas agents.

To put an end to the collection of information, the IDF has reset the soldiers’ cellphones.

The apps they downloaded to their phones are really Trojan horses, a malicious program used to hack into a computer. These programs allowed Hamas to collect phone numbers, messages, pictures and files from the phones; and also to activate them remotely to photograph, eavesdrop, activate the GPS and more.

While investigating the cyber attacks, the IDF, along with the Shin Bet security service, has found pictures taken from inside military command centers, offices, computer files and more – all taken without the knowledge of the phone’s owner.

“The enemy has turned the soldiers’ phones into a spying device,” said the IDF.

The military is now formulating a long list of new rules for soldiers and officers on social networks. First, the IDF plans to expand the limitations on soldiers’ use of social networks. Today, only those who serve in intelligence units, pilots, drone operators and officers with the rank of lieutenant colonel and above have been instructed not to identify themselves as soldiers on social networks. Now the IDF plans on adding more units to this list soon.

In addition, from now on soldiers whose jobs require a “top secret” security clearance will no longer be allowed to identify themselves as serving in the IDF on Facebook, Twitter, Instagram and other sites. Officers from the rank of major and up will also be added to this list.

The IDF will require all soldiers to undergo training on the matter, such as not responding to friend requests from people they do not know, not to download apps from anywhere but the official application stores, such as from Google and Apple, and even recommending to all soldiers to reformat their cellphones.

The exposure of the Hamas cyber operations reveals quite a bit about the organization’s capabilities. The Facebook threats show a relatively high level of social engineering skills: using up-to-date slang alongside spelling mistakes that actually make it more believable, certainly for young people of military age who are sure those writing to them are the same age.

The use of a backdoor virus like a Trojan horse also shows a relatively high level of cyber sophistication. The soldier thinks that the installation of the app failed, even though in reality it is installed and allows remote control of the phone while still functioning normally.

The IDF describes the technological level of the Hamas’ cyber unit as good, and it can be assumed that other organizations, such as Hezbollah, have at least a similar level, if not higher.