IDF, ISA Foil Hamas Cyber Plot

The terrorist organization reached out to hundreds of IDF troops via popular social networks in an attempt to infect their mobile phones with malware that enables access to the data of the phones.  The IDF said the damage was minimal but emphasized that "Hamas is improving in the field"

IDF, ISA Foil Hamas Cyber Plot

Archive photo: IDF Spokesperson

The IDF has thwarted the latest attempt by Hamas to break into the telephones of IDF troops. The Intelligence Branch, together with the IDF's C4I Cyber Defense Directorate and the Israel Security Agency, technologically foiled the operation of several servers of the terrorist organization. "It was the third time that Hamas wanted to use the set of technological tools at its disposal," said the IDF spokesman, Brig. Gen. Hidai Zilberman

"During the last several months the IDF has identified an attempt to infect the telephones of IDF soldiers via the social networks. We identified the resumption of activity by one of the Hamas figures. What was identified was the renewal of the pattern of activity from previous occasions, " said Brig. Gen. Zilberman.

Hamas, the IDF says, continues to improve in the cyber field. "The organization uses Telegram, Facebook and Instagram to break into the telephones of IDF soldiers. They are using social engineering and are reaching out to soldiers in a more sophisticated manner. Hamas sends a message in a female voice in order to make it more believable. Hamas tried to break into the telephones of hundreds of IDF soldiers using this method," the IDF spokesman said. 

The IDF emphasizes that despite the organization's success, there is no concern that national security was compromised. "They reached out mainly to combat troops and low-level officers. They don't know how to target a specific person," the spokesman said.

The head of the IDF Intelligence Branch's information security department, identified only as Colonel R, told how Hamas reached out to IDF troops: "There are five more fictitious figures. To explain their lack of fluency in Hebrew, the figures present themselves as new immigrants. Their pictures are edited in order to make it difficult to find them online. We saw the same figures over and over again."

"There are three apps that Hamas uses to transfer the malware. It is similar to Snapchat, transfer of photos. The app requests authorization to access photos and the camera, and after confirmation an error message appears, but actually the device was attacked and the malware was installed," Col. R said. 

Conversations With Soldiers Using Telegram

The malware contacts the Hamas server, which enables the organization to download files from the phones, and to open the contact lists, photos and messages, among others. "The soldiers displayed awareness but we have improved as well. I emphasize that only well-known sites should be used, without disclosing classified information, and any anomaly should be reported to the security officer. Hamas has reached out to hundreds of soldiers. At this stage the damage estimate is very low. It is a familiar network. We have also dealt them a cyber blow," Col. R said.  


You might be interested also

Iranian protesters holding a photo of   former commander of the Islamic Revolutionary Guard Corps’ Quds Force, Qasem Soleimani, and burning US and Israeli flags, Tehran, August 9th 2022. Photo: Morteza Nikoubazl/NurPhoto via REUTERS

Report: Israel strikes Iranian targets in Syria

According to Syrian sources, the IAF combined a joint aerial attack on the port city of Tartous and on the outskirts of Damascus