Hamas, which is an acronym of Ḥarakat al-Muqāwamah al-ʾIslāmiyyah, is the "Islamic Resistance Movement" consisting of Palestinian Sunni-Islamic fundamentalists and militants.
As a nationalist organization, it has been engaged in wars with the Israeli for more than many times.
The two sides have been in many clashes of varying intensity, trading blows and attacks with each other. For more than many years, the two view each other as mortal enemies.
This time, the Hamas has been allegedly conducting cyberattacks towards Israeli officials through a method called the "catfish" attack.
It is alleged that the Hamas operated an extensive fake profile network on Facebook, using photos of women to lure in their targets.

The network, reportedly operated by Hamas for several months, has been used for surveillance and obtaining sensitive information from targets, according to a blog post by Cybereason, a U.S.-based and Israeli-owned company that uncovered Hamas' operation.
The fake accounts mainly targeted young Israelis who serve in the Israel Defense Forces (IDF) and other security establishments.
The accounts were also used to target Israelis who work at emergency services.
Catfish attack means that Hamas uses flirtatious attempts to trick victims into their traps.
Typically, catfish attacks involve methods to trick people out of their money. But this time, the Hamas uses the attack to siphon information from their targets.
And just like typical catfish attacks, the alleged campaign by the Hamas involves high-level social engineering tricks.
This includes creating fake social media profiles using fabricated identities, with photos of beautiful and attractive women whose faces were stolen from other people, or generated using AI. The Hamas then use the accounts to make engagements with other social media users on the platform, before finally making contact with their targets.
To make the fake accounts appear authentic, the operators have even curated the profiles for months, posting in Hebrew and liking various groups and popular pages in Israel, and friending friends of the targets.
The Hamas-backed hacking group tracked as 'APT-C-23' did this to prevent targets from becoming suspicious.
After managing to catfish Israeli officials working in defense, law, enforcement, and government agencies in a campaign dubbed the 'Operation Bearded Barbie,' the Hamas then asked their targets to move their conversation to WhatsApp for better privacy.
Falling for this trick means that the targets are already giving their personal phone numbers.
After that, things get erotic.
To make the conversation even more personal and intimate, the Hamas suggested targets to use supposedly more discreet Android messaging app.

And this app apparently contains the VolatileVenom malware.
While using the app, the Hamas sends a link to a RAR file that purportedly contains a sexual video.
In reality, the file contains a downloader for the BarbWire backdoor.
"The video," explained the researchers, "is meant to distract the victim from the infection process that is happening in the background."
Upon opening the file, the malware can deploying custom backdoors on Windows and Android devices.
This in turn give the Hamas complete remote access to the targets' devices.
If that alone is not enough, further attempts were made by convincing targets to use computers at their home and work, which may contain sensitive information.
The Hamas can use the information obtained through this catfish attack to infiltrate the IDF's or other enforcement authorities' computer network.

According to Cybereason, the APT-C-23 has been doing this since at least April 2020, but has since improvised their methods of attack.
For example, the Hamas evolved their campaign with new tools and more complex social engineering efforts.
"The attackers did extensive research with the aim of creating authentic profiles," a Cybereason employee said.
"They frequently posted, shared photos, wrote in fluent Hebrew and joined active Facebook groups, all to create a believable profile."
Cybereason said it has notified Facebook and the relevant Israeli bodies regarding this particular Hamas operation.
According to reports APT-C-23 and Molerats are thought to be the two primary sub-groups of the Hamas cyberwarfare division.














































































































































































































































































































































































