Hamas using honeypots to target Israeli soldiers on Instagram

IDF: "Popularity and the need to follow back increases the risk."

August 14, 2018 14:36
3 minute read.
Hamas using honeypots to target Israeli soldiers on Instagram

A fake Hamas profile uncovered by the IDF. (photo credit: IDF SPOKESPERSON'S UNIT)


Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analysis from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user experience almost completely free of ads
  • Access to our Premium Section
  • Content from the award-winning Jerusalem Report and our monthly magazine to learn Hebrew - Ivrit
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief


The IDF has uncovered another Hamas network posing as attractive young women on social networks in order to honeypot soldiers, this time on Instagram, in order to access as much information and intelligence on the army that they can.

“This is a network in which the culture of sharing is paramount and where everything revolves around pictures and ‘see me,’” said Lt.-Col. A, the head of information security policies at the IDF’s Information Security Department.

According to him, “Popularity and the need to follow back increases the risk” of soldiers taking the bait, and cautioned soldiers to follow military guidelines and not click on suspicious messages in their Instagram inbox.

“We want to make it clear to the soldiers that even if Hamas adds additional applications and infiltrates additional platforms, once we identify them, they will not catch up with us,” said Lt.-Col. A.

The IDF launched two operations in the past year uncovering networks of Hamas operatives trying to lure in soldiers through smartphone applications. According to the IDF Spokesperson’s Unit there have been hundreds of reports of suspicious individuals approaching soldiers online since January 2018.

The IDF first uncovered Hamas’s attempt to honeypot male soldiers online in January of last year in an operation dubbed “Hunter’s Network” where dozens of accounts on social networks, such as on Facebook, were identified as being operated with false or stolen identities with the intent to extract classified information from both regular and reservist soldiers.

Hamas honeypots soldiers on Instagram (Credit: IDF Spokesperson's Unit)

In March the IDF’s Military Intelligence Directorate launched “Operation Heartbreaker” and uncovered another cell behind suspicious online actions targeting IDF soldiers on social networks as well as on messaging applications such as Whatsapp using Israeli numbers to get soldiers to download applications from Google’s official store.

In both instances the soldiers were asked to download applications which compromised their cell phones with Trojan horse viruses.

“The reports we received after the publication [of Operation Heartbreaker] dealt a great deal with the fact that soldiers thought that an application from an official app store was not necessarily dangerous,” Lt.- Col. A. was quoted by the army as saying.

“After we thwarted and blocked the applications, Hamas tried unsuccessfully to preserve connections that had been initiated in the past, or new relationships with identities that have not yet been exposed. Thanks to the high reporting by soldiers, these attempts were also revealed and we were able to thwart other fake profiles,” he said.

Once on the phone, the virus would give Hamas operatives access to all pictures, the soldier’s location, text messages (including the history of sent messages), and the soldier’s contact list. The virus would also be able to download files, have access to the phone’s camera and microphone, take pictures and record conversations remotely without the soldier knowing.

An investigation by the IDF’s Military Intelligence found 11 suspicious individuals (three who approached soldiers on WhatsApp, another eight who approached soldiers on Facebook) were members of an intelligence network of the Hamas terrorist organization.

The military urged troops to only confirm friendship requests from people one knows personally, to not upload any classified information to any social network, and to only download applications from the actual App Store (rather than downloading applications from links).

Troops were also recommend that if they were approached by a stranger online to be aware that it might be an attempt to honeypot them, especially if the suspicious individual is unable to meet in person.

The IDF has urged all soldiers, including reserve soldiers, to report to their commander and security officials if the suspicious individual asks them to download applications and if they feel that their phone may have been compromised.

Join Jerusalem Post Premium Plus now for just $5 and upgrade your experience with an ads-free website and exclusive content. Click here>>

Related Content

Syrian President Bashar Assad speaks during an interview with Russian television channel NTV, in Dam
March 22, 2019
Syria vows to recover Golan Heights in light of Trump's words