CISO MAG Desk
Hackers have succeeded in honey trapping United Kingdom’s Royal Air Force (RAF) personnel by hijacking an RAF airwoman’s Tinder profile and reaching out to another RAF serviceman to get details of the F-35 stealth fighter out of him. The source of the hack remains largely unknown but comes in the midst of concerns of China and Russia staging state-sponsored attacks.
According to the Britain RAF, hackers have been able to gain “some information” about its fleet of stealth fighter jets. “Within the last week, a serving member of the RAF had their online dating profile hacked. It subsequently transpired that the perpetrator then attempted to befriend another serving member of the RAF to apparently elicit comment and detail on F-35,” according to an internal RAF memo viewed by the UK’s Daily Mail. “‘Fortunately, little information was disclosed and the individual whose account had been hacked reported this matter expediently enabling prompt follow-up action and investigation.”
The honeytrap attack had raised the concerns among RAF officials, prompting the commanders to warn the RAF personnel to be wary of similar attacks in future. ‘Nevertheless, this incident serves to highlight the risk of social engineering (SE) and online reconnaissance against social media profiles that disclose links to HM Forces,’ the memo stated.
The F-35 Joint Strike Fighter project is currently the world’s most expensive weapon at over $1.3 trillion wherein the UK will manufacture 15 percent of every one of over 3,000 jets ordered. The attack has occurred weeks after RAF received its first batch of F-35s from American weapons maker Lockheed Martin. “It should be noted that UK military posture, policy and capabilities continue to be significant targets of interest for hostile state and non-state actors,” the memo read.
This isn’t the newest incident this year where dating apps were used to infiltrate smartphones used by military personnel. In July this year, Palestinian Sunni-Islamist fundamentalist organization Hamas was accused by the Israel army’s intelligence directorate for building fake dating and FIFA World Cup 2018 applications to entice soldiers into downloading malware on to their mobile phones with the intention to gather sensitive information about the military activities around Gaza strip. According to reports, “Hamas also created bogus profiles with the stolen identities of young women, asking to chat on WhatsApp and interact with soldiers and later requesting them to download their Trojan Horse apps on Google Play Store.”