Hamas hacks IDF cell phones by suckering soldiers with phony accounts


After posing as beautiful young women, Hamas operatives successfully hacked IDF soldiers’ cell phones to acquire intelligence by photographing and listening in on IDF forces near the Gaza border.

By Yoav Zitun


As part of the Hamas’ internet espionage activities, the terrorist organization’s cyber collections unit managed to hack dozens of cell phones belonging to IDF combat soldiers in an attempt to gather intelligence for military operations and preparations on the Gaza border.

Investigations by the Shin Bet and the IDF’s Information Security Department and Cyber Defense Unit discovered that dozens of cell phones belonging to soldiers and officers in both active and reserve duty had been hacked by Hamas.

Several of the fake women accounts Hamas has imitated on Facebook. – Photo: IDF Spokesperson’s Unit

Hamas operatives would pose as attractive, young Israeli women by assuming their identities and making contact with soldiers, mainly through Facebook. Following contact with soldiers, the Hamas operatives would attempt to engage in an intimate virtual relationship and convince soldiers to download an “application” that would allow for video chatting.

The “application” was a Trojan horse, which gave Hamas total control over the device and allowed the terrorist organization to activate the camera and microphone, access contacts, videos and photos, and even Whatsapp conversations and emails—all without the soldier being aware.

Moreover, Hamas also managed to delete the application from the devices, while simultaneously installing more sophisticated monitoring and control applications without leaving a trace.

Dozens of soldiers whose cell phones were hacked were questioned by the IDF’s Information Security Department and the affected devices were also confiscated in order to determine the extent of the damage.

Tests by the IDF and Shin Bet revealed that the damage was minimal, but acknowledged that Hamas acquired images that resembling IDF war rooms, tanks and armored vehicles, observation devices and locations of soldiers in the border area.

In response to the cyber attacks, the IDF has decided to release the images of 16 characters Hamas is using in the attempt to entice soldiers into giving up information.

At this time it is not known whether or not soldiers will face disciplinary action as a result of falling in a trap, but consultations with the Military Advocate General will make the final ruling on the matter.


Hamas members in reservists’ groups on Facebook

Monitoring activities by the IDF’s Information Security Department in 2016 uncovered Hamas attempts to enter open and closed Facebook groups of reserve soldiers who were attempting to keep in touch with their platoons and units.

IDF training exercises – Photo: IDF Spokesperson’s Unit

Information gathered by the IDF demonstrates that Hamas built reliable profiles based on forged identities of soldiers. Posing as soldiers, Hamas operatives asked about recent training exercises and attempted to glean as much information as possible.

Following the increase of Hamas cyber activity, the IDF has decided to tighten guidelines for soldiers on the use of social media. From  here on out, all soldiers in possession of a top secret security clearance will be forbidden from uploading any pictures related to military service or register as a soldier. Additionally, all officers above the rank of captain will also be required to abide by the same guidelines.

Given the impact of social media on the IDF in recent years, military officials have also decided to increase mandatory briefings and training on how to use social media as a soldier and the threat posed to security.


3,000 IDF-based Facebook groups

Despite the exposure of the Hamas operation, the IDF believes that the ongoing Hamas campaign will seek to employ more sophisticated means of gathering intelligence.

IDF Cyber Unit – Photo: IDF Spokesperson’s Unit

The IDF has also refused to comment on whether or not the situation on the northern border is worse due to the technological capabilities of Hezbollah, which utilizes both Iranian and Russian technology. However, the IDF has acknowledged that efforts against internet and cellular espionage are ongoing.

The IDF has identified 3,000 unofficial Facebook groups currently in operation. As a result, officials have decided that additional measures are necessary in order to avoid future lapses in security. Measures being discussed include more precautions such as permission to start groups and stricter guidelines for accepted friend requests.

As part of this operation, the IDF has opened a special command post available 24/7 where soldiers can report suspicious online activity.

Victims of the current cyber attack are identified mostly as low-ranking soldiers, with several officers included.

Investigations by the Shin Bet and the IDF’s Information Security Department and Cyber Defense Unit discovered that dozens of cell phones belonging to soldiers and officers in both active and reserve duty had been hacked by Hamas.