Security
Headlines
HeadlinesLatestCVEs

Headline

Malicious 'Airstrike Alert' App Targets Israelis

A spoofed version of the popular RedAlert app collects sensitive user data on Israeli citizens, including contacts, call logs, SMS account details, and more.

DARKReading
#vulnerability#web#android

Attackers are spoofing a widely used open source application that warns Israelis of incoming airstrikes, called RedAlert, to lure users into downloading a malicious version of the software that, instead of telling those under attack where to seek safety, collects their sensitive data.

Applications warning Israelis of incoming airstrikes have become a trending attack vector for pro-Palestinian threat groups, according to a new report from Cloudflare. The latest round of cyberattacks uses a modified version of the open source RedAlert to lure users into downloading the spoofed version, which then provides cybercriminals with access to contacts, call logs, SMS details, a list of accounts associated with the device, as well as insights into other apps installed on a victim’s device, Cloudflare added.

“Only users who installed the Android version of the app from this specific website are impacted and urgently advised to delete the app,” Cloudflare said. “Users can determine if they installed the malicious version by reviewing the permissions granted to the RedAlert app.”

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

DARKReading: Latest News

Faux ChatGPT, Claude API Packages Deliver JarkaStealer