SMS Trolling Targeting Likud Supporters Was Not a Hack

Starting last week, supporters of Israel’s ruling party Likud have been bombarded with misleading and often taunting SMS messages

Omer Kabir 17:2325.02.20
Over the past two weeks, Israel’s ruling party Likud has been entangled in several privacy scandals involving security vulnerabilities in the various digital services it uses, including its campaign management app, developed by Elector Software Ltd., and its own website. The matter of Likud’s poor privacy protection standards reached as high as the Israeli Supreme Court, which received a petition against it last week.

 

The latest embarrassment for the party, however, which revolves around suspicious SMS messages sent to supporters, did not originate from any of its digital services, according to documents obtained by Calcalist from a Likud official on condition of anonymity.

 

Benjamin Netanyahu. Photo: Reuters Benjamin Netanyahu. Photo: Reuters
Starting Last week, Likud supporters have been bombarded with misleading and often taunting SMS messages. One particularly mischievous message read, for example: “dear party members, all of your photos have been successfully backed up to the cloud and will soon be shared between all activists to create a familial environment, the Likud is a family!”

 

Another message read: “as part of our app’s security upgrades and in order to protect your safety, all the usernames and passwords stored on your phone have been sent to Likud’s secure cloud service, which is protected by top experts. A fee of NIS 180 will be automatically charged to your bank account on the 18th of each month.” NIS 180 is approximately $52.

 

Other messages urged users to delete Elector’s app from their phone, citing threats of left-wing activists using it to hack the phones of Likud supporters.

 

The messages were seemingly legitimate as they appeared to originate from a phone number posted by Likud leader Prime Minister Benjamin Netanyahu on Twitter several days prior. To fend off the negative effects of the fake texts, Netanyahu sent out an audio message to supporters, urging them personally to ignore the texts and continue to use Elector.

 

Likud approached InformuMobile (incorporated as Shamir Systems & Enterprises Ltd.), the company that provides its SMS communication service, to examine the possibility of a hack into its systems. According to the documents reviewed by Calaclist, InformuMobile’s Deputy CEO Yoni Almog told Likud that the aforementioned texts were not sent through the company’s systems, neither by Likud nor by any other individual using the program. Almog also stated InformuMobile’s SMS-sending systems were not hacked.

 

Since a hack has been ruled out, it appears the messages may have been sent through a system that allows users to forge the sender’s phone number, an action known as spoofing.

This may be very bad news for Likud. While a hack can be blocked and a leak can be fixed, spoofing is extremely difficult to stop as it can be performed through almost any commercial texting system, including ones operating outside the country. It is also possible the attacker will step up their game on election day next week, sending Likud supporters messages intended to lower their voting rate.

 

While anti-spoofing legislation that would require cell phone service providers to block texts whose senders are unverified is already in the works in Israel, it will not go into effect in time to prevent an attack by Monday’s general election.