2018-07-21

Tailored Cyber Attack on Military Mobile Devices

Incident

Early in July 2018, Israeli security agencies announced that the Hamas had installed spyware on Israeli soldiers’ smartphones to collect. About 100 Israelis fell victim to the attack that came in the form of fake World Cup and online dating apps that had been uploaded to the Google Play Store, the official app store of Google.

Effect

Once the apps were installed on the victims’ phones, the highly invasive malware was then able to carry out the following malicious activities:

  • Record the user’s phone calls
  • Take a picture when the user receives a call.
  • Steal the user’s contacts.
  • Steal the user’s SMS messages.
  • Steal all images and videos stored on the mobile device and information on where they were taken.
  • Capture the user’s GPS location.
  • Take random recordings of the user’s surroundings.
  • Steal files and photos from the mobile device’s storage.


Pattern

This tactic has been used before:

  • In early 2017, the Viperat spyware targeted Israeli soldiers serving around the Gaza strip, leveraging social engineering techniques to steal photos and audio files from their smartphones. 
  • In March 2016, ‘SmeshApp’, a calling and messaging app on Google Play store, was allegedly used by Pakistan in to spy on Indian military personnel.
  • Further, in 2016, a Russian APT group was suspected of using Android spyware to track Ukrainian field artillery units.


What to do for prevention


  1. Armed Forces can provide troops with particular mobile devices that are managed, secured and supported by an exclusive service provider.
  2. Soldiers personal mobile devices can be installed with a unique security application that protects devices from threats at device, application and network levels.
  3. Soldier’s can be guided to be aware of these spyware and avoid their injection.
  4. Armed Forces may ban the use of smart devices in duty entirely.


References:
1. https://gbhackers.com/military-mobile-devices-spyware/
2. https://blog.checkpoint.com/2018/07/05/an-invasive-spyware-attack-on-military-mobile-devices/

No comments:

Post a Comment