We read regularly about the unrest between Hamas and Israel, most of which is taking place along the border separating Israel from the West Bank and Gaza. What we haven’t read a lot about is the social engineering effort coming out of Hamas targeting Israeli military personnel.
Hamas is the largest of several Palestinian militant Islamist groups. While no one will accuse Hamas of being original in concept, others have created fake personas to entice individuals to engage. The 2010 Robin Sage con comes immediately to mind. And there are a plethora of examples of phony LinkedIn and Facebook personas which have been created to engage various target sets, all with the intent to elicit personal and professional information.
What makes the Hamas effort unique is they went well beyond the creation of fictious personas; they took a page right out of the North Korean online handbook and created applications (apps) specifically targeted at the Israeli soldier. Using the reach of Facebook and WhatsApp, they promoted their apps to “commercially” targeted audiences using the apps’ own tools.
The Israeli Defence Forces (IDF) tell us that the “Gold Cup” app was created by Hamas. It was a fully functional app which provided timely updates of World Cup scores and stats. A senior IDF officer is quoted, “It actually was a very good one.”
The IDF also identified two data apps targeting Israeli military personnel. GlanceLove was advertised as “the best choice for new lovers who care about their privacy and safety.”
WinkChat was billed as an app “that lets you poke everyone at everywhere whom in your friends list and to be at contact with them in a romance feelings… (SIC)”
The reality is that, once downloaded, the apps allowed Hamas to geolocate the individual, access the user’s data (Read more...)
*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Christopher Burgess. Read the original post at: https://threatvector.cylance.com/en_us/home/hamas-is-using-apps-for-social-engineering.html