Hamas used an elaborate “honeypot” network to lure IDF soldiers into becoming hacking victims, according to the Israeli army. The scheme gathered sensitive information from soldiers’ phones, and even secretly recorded their conversations.
The revelation comes after the Israel Defense Forces (IDF) and Shin Bet security service launched “Operation Hunter’s Network” following reports by several soldiers of suspicious online activities, according to The Jerusalem Post.
The operation identified dozens of accounts on social networks, including Facebook, which operated under false or stolen identities.
Most of those accounts used the images of beautiful women to attract the attention of soldiers – a tactic known as a “honeypot” scam.
The accounts would reach out to IDF soldiers online, sometimes in romantic ways, and ask them to download applications to take part in a video chat, according to senior military intelligence officials cited by The Jerusalem Post. Those applications would then infect the soldiers’ phones with Trojan horse viruses.
Once the phone had been corrupted, the “honeypot” would stop talking to the soldiers, but the virus would remain on the device. From there, it would give Hamas operatives access to all the soldiers’ photos, along with their location, text messages and contacts.
It also gave the operatives access to the phone’s camera and microphone, allowing them to take photos and secretly record soldiers’ conversations. The virus also had the ability to download hidden applications so that the phone would remain corrupted even if the app with the virus was deleted.
“Wherever the phone was, so was the enemy,” a senior IDF official said, as quoted by The Jerusalem Post.
The official added that the scam mostly targeted males, though some females also fell victim to the plot. Overall, “dozens” of soldiers, including a major, were reportedly targeted.
The plot is now considered to be foiled, and its impact considered minimal, according to the senior official.
“There is, of course, a potential of serious harm to national security, but the damage that was actually done was minor,” the official said, adding that “anyone who was infected, is not infected anymore.”
He went on to state that the compromised phones were reformatted to prevent any future hacking.
The operation’s findings prompted the IDF to conclude that the army must raise awareness about the risk of social networks and adopt stricter guidelines to combat any future hacking plans by Hamas.
In response, the IDF is in the process of broadening restrictions on the use of social media by enlisted soldiers. Those with the rank of major and above will be barred from uploading any photos showing themselves in uniform or publish that they are part of the IDF. Such restrictions currently only apply to the positions of lieutenant colonel and above.
The army will also train every soldier, especially combat troops, on the threat posed by posts or photos uploaded to social networks, and will create a body which will operate around the clock to collect and investigate all reports of suspicious online activity.
The IDF also stated that administrators of Facebook groups related to the army – of which there are over 3,000 – will be informed of threats posed online and will be urged to only add people who they recognize to their groups.
Military intelligence also released more conservative guidelines for IDF soldiers when it comes to social networks, including only confirming friendship requests from people they personally know. They must also refrain from uploading classified information to social networks, and only download applications from official App stores, rather than from third-party links.
Meanwhile, Hamas isn’t the only party to have been accused of using “honeypot” tactics. Last April, the FBI was accused of doing the same in an effort to trap a 21-year-old believed to be an Islamic State (IS, formerly ISIS/ISIL) sympathizer.