Syrian opposition groups were fooled by hackers posing as beautiful women, resulting in the theft of sensitive battle plans and secret conversations.

The “honey trap” operation, discovered by US-based cyber security firm FireEye, centered around tricking rebels into downloading spyware onto their computers and smartphones when they thought they were sharing photos, the Telegraph reported Monday.

The effort took place over a two month span in late 2013 and early 2014, and resulted in the compromise of opposition battle plans, logistical needs, and personal information.

Get The Start-Up Israel's Daily Start-Up by email and never miss our top stories Free Sign Up

Military plans for an offensive against Khirbet Ghazalah, seized by the Bashar Assad regime in May 2013, were compromised. FireEye said that the ruse garnered “actionable military intelligence for an immediate battlefield advantage” in the fight for the town.

The hackers also seized satellite imagery, weapons lists, personnel rosters, and the names and birth dates of fighters.

It is not known who the hackers were or for whom they worked.

According to FireEye, the hackers set up fake Skype accounts using pictures of attractive women. They then reached out to their targets and asked them to share photos. The hackers sent spy programs disguised as photo files to the opposition members’ computers, enabling the hackers to take them over.

A fake opposition website also sent spy programs to rebels’ computers when they clicked on photos in a matchmaking section.

“For as long as there’ve been secrets, there’s been espionage and as long as there’s been espionage, it’s been intertwined with sex,” said FireEye vice president Richard Turner. “This attack used attractive women to get people to share information in order for them to be compromised. The vast majority of cyber attacks start with fairly innocuous emails to create a level of interest with a target.”

Though it is not known who carried out the attacks, there are active Syrian hacking groups. The Syrian Electronic Army is an outfit that has gained fame for its hacks of government and defense websites, and is one of the biggest beneficiaries of the unrest that has characterized Syria for the past several years. SEA hackers get access to user systems, recording information about on-line accounts and stealing funds, or using victims’ computers as part of huge botnets that send out spam and become part of attacks on banks and financial sites.

A report by security firm Kaspersky Lab showed how the SEA has used a variety of Internet “dirty tricks” to hoodwink panicked web users into clicking on links and files that have installed a variety of Trojans, viruses, password hijackers, and other malware that give cybercrooks full access to computers. Because Syrians are rattled enough by the civil war to apparently click on anything that seems “official,” issued by the government or the army, hackers don’t even have to bother making their phony wares seem real. They’re confident that users will even gladly click on something called “Ammazon Internet Security” if they believe it will make them a bit safer

Most of the SEA attacks come from within Syria itself, while a smaller number originate in Russia and Ukraine, Kaspersky said. The SEA does most of its illicit social engineering in Arabic, and as many Middle Easterners are interested in what is going on in the country, the SEA has been finding ready “customers” for its scare tactics in the entire region. Besides Syria, which supplies the vast majority of victims, SEA targets can be found in Lebanon, Turkey, Saudi Arabia, Egypt, Jordan, the West Bank, Israel, and the US.

David Shamah contributed to this report.