Former prime minister Naftali Bennett's X account featured a suspicious post with a spam link attached on Saturday.
“The Israel News App is now available. Download it and share your thoughts. Exclusive to Israelis. Currently available only on Windows.”
It included a link to an external site that quickly raised alarm among users. Many pointed out that it resembled previous malicious campaigns used to distribute spyware or steal personal information.
Cybersecurity experts believe Bennett’s account was briefly hacked by attackers seeking to exploit his name and credibility to get users to click on a potentially dangerous link.
The incident echoes a similar breach in 2020, when Bennett was serving as defense minister. At the time, his account was briefly taken over, with tweets showing Palestinian and Turkish flags alongside the slogan “Free Palestine.” That hack lasted only a few minutes before Twitter or Bennett’s team regained control.
Former PM Bennett's account hack
As with that earlier case, the goal of Saturday’s attackers appears to have been to sow confusion and take advantage of Bennett’s public profile to spread fake links.
Such links may look harmless, but can lead to malicious sites designed to trick users into downloading harmful files or revealing sensitive information such as passwords or payment details. In some cases, simply clicking on a link can install spyware, giving hackers remote access to messages, cameras, or files on the victim’s device.
Experts note that these types of links are often shared through email, WhatsApp, or social media while pretending to come from legitimate sources. They advise users to inspect URLs carefully, as fake sites often include extra characters, spelling mistakes, or unusual domain endings.
To prevent such breaches, cybersecurity specialists recommend activating two-factor authentication, which requires confirming every login with a code sent to a phone or external app. They also advise using different passwords for each platform, avoiding links from unverified sources, and downloading apps only from official stores such as Apple’s App Store or Google Play.