Hamas's Facebook catfish operation on Israeli officials - report

An extensive fake profile network was operated by Hamas to surveil and obtain sensitive information on Israeli security establishment officials.

 Facebook, Whatsapp and Instagram logos and stock graph are displayed through broken glass in this illustration taken October 4, 2021.  (photo credit: REUTERS/DADO RUVIC)
Facebook, Whatsapp and Instagram logos and stock graph are displayed through broken glass in this illustration taken October 4, 2021.
(photo credit: REUTERS/DADO RUVIC)

Hamas operated an extensive fake profile network on Facebook, using photos of women to lure in and target Israeli security establishment officials, N12 reported on Wednesday.

The network, reportedly operated by Hamas for several months, was used for surveillance and obtaining sensitive information on the targets, according to Cybereason, the US-based and Israeli-owned company that uncovered Hamas' operation, said.

The fake accounts mainly targeted young Israelis who serve in the IDF and other security establishments or Israelis who work at emergency services.

"The attackers did extensive research with the aim of creating authentic profiles," a Cybereason employee told N12. 

"They frequently posted, shared photos, wrote in fluent Hebrew and joined active Facebook groups, all to create a believable profile."

 A young boy carrying a Hamas flag walks past Palestinian women gathered as they wait for the funeral of a young Palestinian girl, outside the family's home in the Qalandiya Refugee camp in the West Bank, on December 18, 2015.  (credit: HADAS PARUSH/FLASH90) A young boy carrying a Hamas flag walks past Palestinian women gathered as they wait for the funeral of a young Palestinian girl, outside the family's home in the Qalandiya Refugee camp in the West Bank, on December 18, 2015. (credit: HADAS PARUSH/FLASH90)

After starting a conversation with the targets on Twitter, the fake profiles urged the Israeli men, deceived by the photos of women, to have a more "intimate" conversation on the WhatsApp messaging app, thus acquiring their phone number.

Once they gained the targets' trust, the attackers requested the victims to download an app that contained malware which gave the attacker complete remote access to the phone.

Further attempts were made by convincing targets to use computers at their work, which contained sensitive information, in order to infiltrate the IDF's or other enforcement authorities' computer network.

Cybereason said it has notified Facebook and the relevant Israeli bodies regarding the Hamas operation.