Cyber-Attack Via Social Engineering In Israel: A Case Study Of The Hamsaupdate Malware Campaign

This case study examines the HamsaUpdate malware campaign, a deliberate cyber assault on Israeli civilians amid the 2023-2024 Israel-Hamas conflict. The operation disseminated a deceptive emergency alert application via WhatsApp, aiming to install spyware on users' mobile devices under the pretence of providing critical information. This study analyses the campaign's operational mechanisms, psychological effects, and institutional responses through qualitative analysis of technical reports, cybersecurity bulletins, and academic literature. The findings, contextualised within hybrid warfare and social engineering theories, demonstrate how adversaries leveraged public trust in digital emergency tools to fulfil surveillance and destabilisation objectives. The assault marked a tactical advancement in cyberwarfare, shifting from rudimentary propaganda and defacement to more clandestine and invasive espionage. Malicious APK files facilitated real-time data exfiltration, including camera, microphone, location, and messaging content. The use of social media and linguistic modification significantly enhanced the campaign's reach and effectiveness. The psychological effects, characterised by confusion, fear, and diminished trust in official communication channels, intensified societal vulnerability during physical conflict. This study contributes to cybersecurity readiness by highlighting the convergence of technical exploitation and psychological manipulation in modern conflicts. Key policy implications include the immediate adoption of zero-trust architecture, real-time threat intelligence dissemination, enhanced digital literacy, and simulation-based training to prepare civilians for socially engineered threats. The HamsaUpdate campaign exemplifies the evolution of citizen-focused cybersecurity strategies within hybrid conflict contexts.