Israeli soldiers have recently been enticed into downloading malicious Android World Cup and dating apps that secretly allowed Hamas militants to spy on their fellow troops, according to various reports [1, 2, 3] citing Israeli military intelligence.
The malicious apps reportedly can access infected phones’ pictures, phone numbers and email addresses, as well as control cameras and microphones — in some cases even allowing Hamas agents to secretly watch activity on Israel Defense Forces bases.
The Times of Israel reports that IDF intelligence officers recently briefed journalists about the scam, dubbed Operation Broken Heart, at its national defense headquarters in Tel Aviv. One officer reportedly stated that “No damage was done, as we stopped it in time.”
Reports specifically reference three malicious apps that were recently pulled from the Google Play Store — a fake World Cup app called Golden Cup, and two phony dating apps called Glancelove and Winkchat. Media reports generally state that roughly 100 soldiers were victimized since January, typically after they were contacted by Hamas agents through social media channels and tricked into downloading the apps.
Israel Defense Forces made a similar accusation in early 2017, warning that Hamas was contacting Israeli soldiers via Facebook, and using fake accounts with stolen photos and identities designed to lure them into downloading a malicious video chat app.