You might think that only ‘silly’ people get fooled into accepting friend requests from a fake hot girl or guy on Facebook. In reality, however, it is one of the most common Facebook mistakes that people make. Sex sells, and hackers know it. For this reason, hot profiles are an extremely effective method used by hackers to get malware onto people’s devices.
Now, news has emerged that Israeli Defence Force (IDF) soldiers have been falling victim to the well-known social engineering trick. The cyberattack, which is believed to have been coordinated by members of Hamas, has been successfully using fake profiles of attractive women to get spyware onto Israeli soldiers’ devices.
After convincing a number of IDF soldiers to accept friend requests from the sexy fake accounts, Hamas lured the soldiers into downloading another chat app. No doubt they promised to “sext” with them on the more ‘private’ platform. Sadly for the horny soldiers, however, the fake chat app contained malware called a Trojan. According to a security expert in the country called Khaled Safi, the Trojan was used to tap phone calls and discover sensitive information:
“Hamas operatives managed to download spying applications on the phones of Israeli officers and soldiers. The application is called a Trojan horse and can be controlled remotely. They listened to phone calls, read all incoming and outgoing messages and could turn on the phones’ cameras to see inside Israeli military sites on the borders with Gaza. No one knows how important and dangerous the information Hamas operatives were able to gather from soldiers [was], although Israeli intelligence has very advanced technologies it could use to do the same to the Palestinian resistance.”
One IDF soldier, who decided to remain anonymous for obvious reasons, was interviewed on the Israeli Channel 2 to explain how Hamas operatives were slyly using fabricated Facebook profiles to engage soldiers in conversation and deceive them into becoming infected with the Trojan Horse:
“A beautiful girl contacted me [on Facebook] and we started talking. After we got to know each other and I started trusting her, she asked me to download a special application for private messaging. I downloaded the application and it did not work, but I kept it on my phone and we went back to chatting on Facebook Messenger. It took me a while to discover that I had fallen into the trap and that I was chatting with a Hamas member.”
Suddenly realizing the severity of the situation, the Israeli army issued a warning for soldiers to be extra vigilant when using their smartphones and tablets. What is confusing many people, however, is why the (usually reticent) Israeli forces have admitted to the Hamas infiltration. Usually, the IDF would do its best to downplay any successes at the hands of its enemies. On this occasion that wasn’t the case, leading quite a few people to scratch their heads.
One theory is that the Israeli army overplayed the threat on purpose in order to quash it in advance of it inflicting any real damage. Some Hamas supporters, however, feel that the whole story is unlikely because the attack vector would work contrary to the religious views of the Gaza-based militia.
Perhaps it is this contradictory moral stance, however, that has kept Hamas from stepping forward to take credit for the attack. As of yet, no one has come forward to claim the cyberattack as their own. Although that doesn’t necessarily mean it was not Hamas, it remains true that it could also have been someone else. It is possible, after all, that some other group is attempting to snoop on the IDF. It is even possible that whoever coordinated the attack wanted to make it seem like Hamas carried it out.
What is worth bearing in mind, is that Israel is a world leader when it comes to cybersecurity. Tel Aviv is highly dominant in the field, and in 2015 Microsoft bought out three Israeli cybersecurity firms, spending in excess of $500 million in order to add their expertise to its ranks. It is also worth remembering that many of those cybersecurity experts learned their trade working for Israeli military intelligence.
Adallom (one of the firms bought out by Microsoft), for example, was founded in 2012 by three former members of the IDF. This demonstrates the high levels of security knowledge present within the army. The reason is obvious: Israel is geopolitically located in a dangerous region and as Dudu Mimran, CTO of the Cyber Security Research Center at Ben-Gurion University, eloquently puts it,
“The challenging environment Israel faces in the Middle East in the physical world has reflections also on the cyber world.
Security is a subject that can be taught theoretically, but nothing is a substitute for a real hands-on experience and we’ve got lots of it.”
Perhaps it is because of this high level of know-how, that the IDF decided to be so public about the attack vector, in order to stop any embarrassing leaks before they occurred. No one is quite sure.
According to Avichay Adraee, a spokesperson for the army, it is believed that in total 16 fake profiles were used as honeypots to hook the Israeli soldiers. Alaa al-Rimawi, director of Al-Quds Center for Studies of Israeli and Palestinian Affairs, said that there is concern that the Hamas operatives may have been trying to establish links within the IDF to find corrupt soldiers willing to smuggle weapons into the Gaza Strip.
For now, the truth remains shrouded in mystery. In reality, however, these kinds of socially engineered attacks – although effective – are an untechnical method that could have easily been perpetrated by any ‘script kiddie.’ In addition, there has been a huge rise (over the last few years) in the number of Trojans available to hackers online. These tools can easily be set up and controlled by a remote Command and Control (CnC) server. As such, the truth is that the attack could have been carried out by just about anyone.
If you are concerned about falling for one of the most common Facebook mistakes, why not take a look at our guide here.