Fake Dating Apps Infiltrate Israeli Military

Uploaded on 2018-07-12 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Defence, FREE TO VIEW, TECHNOLOGY--Hackers, TECHNOLOGY-Key Areas-Social Media

Hamas has been accused of running a sophisticated spyware operation designed to trick Israeli Defense Force (IDF) soldiers into downloading malicious apps.

Hundreds of IDF troops have been contacted by alleged fake profiles on social networking sites in what the military is dubbing Operation Broken Heart.

After building up a rapport with the soldier on WhatsApp, the ‘woman’ in question then typically sends them a link to download a convincing looking but malicious app. 

These included dating apps with names like GlanceLove and ones featuring goals and live scores from the World Cup, such as Golden Cup. One suspicious-looking profile which nevertheless had an Israeli number attached, belonged to a ‘Lina Kramer’ and was discovered in January. Those behind the campaign often try to cover up broken Hebrew by saying they’re immigrants, the IDF claimed. 

“Not long after the first attacker approached us, we’d already begun receiving dozens of reports from soldiers about suspicious figures and apps on social networks,” said ‘Colonel A,’ head of the IDF Information Security Department.

“Upon investigating the reports, we uncovered hostile infrastructure that Hamas tried to use to keep in contact with IDF soldiers and tempt them to download apps that were harmful, and use the soldiers to extract classified information."

The apps are said to be loaded with Trojan malware capable of switching on the mic and camera, accessing photos, phone numbers and email addresses of soldiers operating near the Palestinian border, and even gathering info on military bases.

The IT security department of the Israeli military has updated its guidance for soldiers in light of Broken Heart and is reportedly also sending fake messages to soldiers in a bid to raise awareness of the dangers of clicking on links from virtual strangers.

Infosecurity:

You Might Also Read

Spies Use Tinder:

Estonian Honey Trap:
 

« Digital Shock. Part 2
Are Women Better At Cyber Security? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Identity Theft Resource Center (ITRC)

Identity Theft Resource Center (ITRC)

ITRC is a non-profit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime.

National Security Agency (NSA)

National Security Agency (NSA)

NSA is a US intel agency responsible for the protection of government communications and information systems against penetration and network warfare.

Rhebo

Rhebo

Rhebo Industrial Protector monitors and ensures the continuous, correct, and predictable operation of real-time Industrial Control Systems to prevent outages and reduce downtimes.

CyberPrism

CyberPrism

CyberPrism provides SaaS solutions using proprietary technology, underpinned by industry-leading technical practitioners to protect OT within Government, Maritime and Industrial markets.

Xcina Consulting (XCL)

Xcina Consulting (XCL)

Xcina Consulting provides high quality business and technology risk assurance and advisory services.

Uppsala Security

Uppsala Security

Uppsala Security built the first crowdsourced Threat Intelligence platform known as the Sentinel Protocol, which is powered by blockchain technology.

Montimage

Montimage

Montimage develops tools for testing and monitoring networks, applications and services; in particular, for the verification of functional, performance (QoS/QoE) and security aspects.

Verafin

Verafin

Verafin is one of the North American leaders in fraud detection and AML software.

Document Security Systems (DSS)

Document Security Systems (DSS)

DSS anti-counterfeit, authentication, and brand protection solutions are deployed to prevent attacks which threaten products, digital presence, financial instruments, and identification.

Commonwealth Cyber Initiative (CCI)

Commonwealth Cyber Initiative (CCI)

The Commonwealth Cyber Initiative is establishing Virginia as a global center of excellence at the intersection of security, autonomous systems, and data.

Integrity

Integrity

Integrity is a PCI QSA and ISO 27001 certified company specialized in Information Security and IT Consulting.

Concourse Labs

Concourse Labs

Concourse Labs Security Guardrails continuously verify cloud infrastructure and workloads. Continuously assess clouds for security, resiliency, and regulatory compliance.

Protelion

Protelion

The Protelion Security Platform is uniquely architected to deliver security solutions that combine greater protection, flexibility, and performance.

Offensive Security Manager (OSM)

Offensive Security Manager (OSM)

Offensive Security Manager is the ultimate AI software that will enforce offensive security automation, orchestration, coverage, ensure quality, and lets you manage whole process.

IONIX

IONIX

IONIX (formerly Cyberpion) is the attack surface management solution that uses Connective Intelligence to shine a spotlight on exploitable risks across your supply chain.

Genix Cyber

Genix Cyber

Genix Cyber provides world-class cybersecurity services that protect systems, cloud applications, infrastructure, critical data, and networks from evolving cyber threats.