Several Israeli soldiers’ phones were hacked after they were tricked into downloading an app after being duped by Hamas agents posing as attractive, lonely women, BBC News reports. Fortunately for the Israeli army, it’s not believed that the hackers were able to get their hands on any useful data.
It’s one of the oldest tricks in the book — a woman uses her wiles to gain the trust of a man, and then plays on the man’s feelings for her in order to get something from him. Usually, it’s money, but in a more modern iteration, the lonely ladies are just as often men pretending to be women, and they want access to the victim’s computer or cell phone, which they can then use for a variety of nefarious purposes. They can steal the victim’s identity or the contents of their bank account, or, in the case of soldiers, troop movements and other secrets.
That appears to have been the case here. Hamas agents, posing as lonely women, apparently struck up friendships with Israeli soldiers and convinced them to download an app that would supposedly enable them to share pictures and text messages. The app reportedly installed malware on the phones, giving the hackers access to the information on it, such as photos, contacts, and — most importantly with regard to their military status — their locations.
The malware would also give the hackers control of the devices, which they could then use to turn on cameras and microphones, potentially giving them audio and visual glimpses into what was going on in their enemies’ camp.
The hackers, while posing as women, didn’t exactly speak perfect Hebrew, but they were reportedly able to convince the soldiers that they were recent migrants to Israel, or claimed to have hearing or visual impairments.
Lt. Col. Jonathan Conricus said that Hamas had made at least two other attempts to infiltrate the Israeli army via its soldiers’ phones, but this attempt has been the most sophisticated so far.
“We see that they’re of course learning and upping their game,” he said.
In fact, military commanders were on to the scheme months ago, but let it go on so they could conduct surveillance on the ruse, before shutting it down.
Conricus said that there was “no significant data breach” as a result of the hacking.
In at least one incident involving United States personnel, service members were asked to use an encrypted messaging service to send text messages while deployed in the Middle East, as Military Times reported in January.