Teenage girls tempt Israeli soldiers to install spyware for Hamas

Graham Cluley
Graham Cluley
@[email protected]

Teenage girls tempt Israeli soliders to install malicious apps

If something works, you keep doing it.

And – it seems – Hamas operatives believe that Israeli soldiers are just as tempted as ever to be lured into a trap by the social media accounts of young women as ever.

According to the Israeli Defence Force (IDF), members of the Palestinian militant group posed as teenage girls on Facebook, Instagram and Telegram, and approached Israeli soldiers in an attempt to dupe their intended victims into installing malicious apps onto their smartphones.

Sign up to our free newsletter.
Security news, advice, and tips.

Facebook account

IDF spokesperson Brigadier General Hedy Silberman said that the force’s intelligence division had identified six social media accounts used by Hamas to reach soldiers, going by the names Sarah Orlova, Maria Jacobova, Eden Ben Ezra, Noa Danon, Yael Azoulay, and Rebecca Aboxis.

Hamas accounts

Of course the people pictured on the accounts most likely have no idea that their images have been used in this way. But since when have hackers had any qualms about innocent people being harmed when they mount a cyber attack.

According to Silberman, many of the characters present themselves as recent immigrants to Israel “due to the lack of full command of the Hebrew language.”

The aim of the attacks was to trick soldiers into installing three Snapchat-like apps, named “Catch & See”, “ZatuApp”, and “GrixyApp” – which claimed to allow users to share images for a short period of time before they would be deleted.

Catch and see

Just the kind of app a young horny Israeli soldier might want to try out if he thinks he’s chatting to a teenage woman who has the hots for a man in uniform…

The apps, which were not available in official app stores, would appear to fail with an error message after installation – but in reality install malware on behalf of Hamas to take remote control of an infected smartphone.

Once in place the malware could take remote photographs, access files, steal SMS messages and address books, and share the device’s GPS location.

The IDF says that it has now taken down the infrastructure used by Hamas to control the infected devices. It doesn’t share any information about whether it used the same technique used last year against a building allegedly used by Hamas hackers – a military airstrike.

Regular readers will recall that this isn’t the first time Israeli soldiers have been targeted with Hamas honeytraps to infect their smartphones with spyware.

The IDF appears to have shared details of this latest attack in the hope that soldiers will be more careful in future about engaging with unsolicited admirers on social media.

Furthermore, everyone would be wise to be extremely cautious of installing smartphone apps that are not distributed via official app stores. Generally, the apps you find in the official Google Play store or iPhone app store are less likely to be intentionally malicious.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “Teenage girls tempt Israeli soldiers to install spyware for Hamas”

  1. Daniela

    This has been happening for years! Haha Israeli men are so horny all the time, they don't think with their brain, this will keep happening forever.

  2. Jeff

    Well, what do you expect from the men of a nation that are illegal occupiers under international laws!

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.