Israeli cyber-intelligence firm ClearSky has warned that Hamas is attempting to implant spyware on the mobile phones of Israelis who download a fraudulent Red Alert rocket-siren app.
The company’s security researches said last week that the spyware redirects users to a fraudulent website to download the malicious app, and warned consumers to beware of downloading apps from fake Facebook profiles or botnets on Twitter.
Once downloaded, the app takes control of the phone, allowing hackers to exploit the full range of the phone’s abilities, including to track the user’s location, take photos, record audio, send messages and make calls. It cannot be removed from the phone once installed.
ClearSky also said that the attack is in its early stages, and is already being addressed by Internet security companies. It encouraged those who want to download the Red Alert app—like the thousands who wanted to stay informed during the recent rocket bombardment from Gaza on southern Israeli communities—to do so from official app stores.
Last month, the Israel Defense Forces cracked down on a Hamas ploy to lure Israeli soldiers into providing access to information and intelligence on the army through hackers posing as attractive young women and men on social-media networks. The scheme also involved the downloading of malware, which then took pictures and recorded audio from the phones of unsuspecting soldiers.