Honeytraps used to infect Israeli soldiers’ smartphones with spyware


Graham Cluley
Graham Cluley
@[email protected]

Honeytraps used to infect Israeli soldiers' smartphones

I’ve often said that the biggest vulnerability lies in users’ brains, not in the software they’re running on their computers or smartphone. It only takes one unwise decision for a security breach to take place.

And that’s certainly going to be the case if you’re thinking with what’s in your trousers rather than your brain.

As local media reports, the Israeli Defence Force (IDF) say that their troops have been targeted by a Hamas scheme which aims to trick users into installing a malicious spyware app onto their smartphones.

Sign up to our free newsletter.
Security news, advice, and tips.

And how do the attacker fool IDF’s soldiers? By creating bogus social networking profiles of young attractive women, and luring their targets into installing malware onto their devices with the promise of a video chat.

Hamas operatives would pose as attractive, young Israeli women by assuming their identities and making contact with soldiers, mainly through Facebook. Following contact with soldiers, the Hamas operatives would attempt to engage in an intimate virtual relationship and convince soldiers to download an “application” that would allow for video chatting.

The “application” was a Trojan horse, which gave Hamas total control over the device and allowed the terrorist organization to activate the camera and microphone, access contacts, videos and photos, and even Whatsapp conversations and emails—all without the soldier being aware.

Moreover, Hamas also managed to delete the application from the devices, while simultaneously installing more sophisticated monitoring and control applications without leaving a trace.

Android conversation with honeytrap

Even if troops could not be convinced to install a malicious app, it’s simple to picture how an intimate virtual relationship could develop and targets could be tricked into sharing sensitive information.

The damage done by the attack is said to be “minimal”, but according to reports Hamas acquired images of Israeli offices, tanks, armoured vehicles, and soliders’ location in the border area. It’s easy to imagine how such an attack could steal a great deal of sensitive information if not noticed for a long period of time.

There are a few lessons to learn here:

  • Just because someone has a cute picture on their social networking profile, does not mean that’s what they really look like. They could be someone else entirely – and indeed of a different sex.
  • Always be extremely wary of installing apps from non-official sources. Generally, the apps you find in the official Google Play store or iPhone app store are less likely to be intentionally malicious.
  • Maybe it’s not such a good idea to identify yourself as a serving member of the military on social media, or to strike up relationships with strangers online.

Oh, and think with your head – not with your trousers.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “Honeytraps used to infect Israeli soldiers’ smartphones with spyware”

  1. John

    Honeypots, not honeytraps

  2. Moshe

    Just like another old story of an Israelite warrior (Samson) and a fetching lass from Gaza (Delilah). And the lessons still hold.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.