A report by the Threat Analysis Group (TAG) at Google, which focuses on Operation "Iron Swords" and the war between Israel and Hamas since October 7, does not identify a fundamental change in the trends in the cyber war between Israel and Iran, which supports the Hamas movement.
Among the trends identified by the researchers at Google are an Iranian attack on critical infrastructure in Israel and the United States, information warfare activities (such as impersonating users on social networks) meant to damage citizens' trust in the government and essential organizations and to turn public opinion against Israel, and targeted phishing campaigns for the purposes of intelligence warfare and gathering information on Israeli decision makers.
Special attention should be given to an intelligence effort by Hamas, which includes malware masquerading as legitimate applications such as Telegram and VPN software, and an application called RedAlert (which has already been removed from the Android app store, don't worry), which impersonates the official "Color Red" alert application of the Home Front Command and included capabilities for taking over the device.
For example, a group called DESERTVARNISH, which is affiliated with Hamas, distributed an application that impersonates the messaging application Telegram and includes the spyware MOAAZDROID, whose capabilities include extracting contacts and text messages, as well as sending them without the user's knowledge.
In another case, a malicious app called SOLODROID, masquerading as a dating app, includes the ability to steal files from the victim's device.
Days after the outbreak of the fighting, Google also identified a copy of the official red alert application under the name redalerts, which included a backdoor that allowed the hacker to obtain contacts, messages and information about the location of the device.
The attackers directed the attack at Israeli users and distributed the impersonating application through direct SMS messages that impersonated the Israeli police.
The distribution infrastructure of this application has been eliminated by Google.
Either way, in times of peace or war, our usual cautionary recommendations remain: do not download any application that is not in the official Android application store, certainly not those sent to you through a link in a text message, even if it is sent from a seemingly reliable source.