Israel Accuses Hamas of Targeting Soldiers With World Cup App
4.7.18 securityweek BigBrothers
Tel Aviv - Israeli military intelligence on Tuesday accused Hamas hackers of creating a World Cup app and two online dating sites to tempt soldiers into downloading spyware onto their phones.
Briefing journalists at national defence headquarters in Tel Aviv, army intelligence officers said the scam by members of the Palestinian Islamist movement that runs the Gaza Strip failed to damage military security.
"No damage was done, as we stopped it in time," one of the officers said, with the military's response codenamed "Operation Broken Heart".
But he said the attempt showed the Islamist militants had adopted new tactics since a similar attempt was revealed in January 2017.
The emphasis then was solely on the dating game, with the hackers posing online as attractive young women seeking to lure men in uniform into long chats.
This time the traps were aimed at both sexes and there was the additional bait of World Cup action with an app offering "HD live streaming of games, summaries and live updates".
Attackers used stolen identities to create more convincing fake Facebook profiles of young Israelis, written in fluent Hebrew studded with current slang.
"What Hamas is bringing to the table is a very good knowledge of our young people and their state of mind," another officer said. Asked how he could be sure Hamas was behind the online offensive, he declined to say but insisted there was no doubt.
The assailants uploaded their custom-built Golden Cup, Wink Chat and Glance Love applications to the Google Store, to make them seem legitimate, according to the officers.
Using Facebook sharing and Whatsapp messages, they urged young men and women performing Israel's compulsory military service to download the infected apps.
Once on the recipient's phone, officers said, the device could be taken over to covertly take and send photographs, eavesdrop on conversations, copy stored files and pictures and transmit location details.
But in most cases, they said, soldiers did not download the apps and informed their superiors of their suspicions.
Google has since deleted the apps from its store, they added.
They said that awareness of the potential risk had soared since the army publicised the previous attempts.
"Thanks to the soldiers' vigilance, Hamas' intelligence infrastructure was exposed before it caused actual security damage," army briefing notes said. Israel and Palestinian militants in Gaza have fought three wars since 2008.
In March 2016 a Palestinian from Gaza was charged with hacking into Israeli military drones.