The IDF on Sunday said it has thwarted an attempt by the Hamas terror group to hack male soldiers' phones by posing as young, attractive women on social media, striking up friendships and fooling them into downloading malware.
IDF Spokesperson Lt. Col. Jonathan Conricus said that the phones of dozens of soldiers had been infected in recent months, although he said the army detected the scam early on and prevented any major secrets from reaching the Islamic militant group.
"We do not assess there is any significant breach of information," Conricus said.
The IDF said this was the third attempt by Hamas to target male soldiers through fake social media accounts, the most recent previous attempt being in July 2018. But he said this latest attempt was by far the most sophisticated.
He said Hamas used a number of social media platforms including WhatsApp, Facebook, Instagram and Telegram to make contact with unsuspecting soldiers. Posing as young Israeli women on social media, the group struck up "friendships" with the soldiers, sending photos, texts and voice messages to them.
Hamas operatives created profiles for the fictitious women with Israeli-sounding names including Rebeca [sic] Abuksis, Eden Ben Ezra, Sara Orlova, Noa Danon and others.
These "women" claimed to be new immigrants to explain their poor Hebrew, and some even claimed to be deaf or hard of hearing as an excuse for texting instead of speaking directly on the phone, Conricus said.
The profiles appeared on multiple platforms, with the photos edited to make it difficult to trace them, giving the accounts additional authenticity.
"We see that the level of social engineering is much more advanced and sophisticated as compared to previous attempts done by Hamas," he said.
"We see that they're of course learning and upping their game."
Eventually, the "women" sent soldiers links and tried to persuade them to download what they said was an app similar to the Snapchat app in order to exchange photos that would quickly disappear from their phones. In reality, the links were to three malware programs - Catch&See, ZatuApp and GrixyApp - that allowed Hamas to gain access to the soldiers' phones.
Conricus said it was "very clear" that Hamas was behind the effort, with the malware linked to known Hamas servers and at least one of the profiles had been used in a previous scam by the group.
He declined to say how many soldiers had been targeted, but he did affirm that dozens had downloaded the malware.
New warnings were being sent out to soldiers, telling them not to talk to people they don’t know on social media, to avoid sharing classified information and to immediately alert an operational security officer or their commander if their phones begin behaving strangely.
Soldiers had reported the suspicious activity relatively early on, allowing the army and the Shin Bet security service to monitor their phones.