Malicious Red Alert apps

[TravelMug]

I might as well put this as a warning for everyone. We all know that there is already a on-going war between Israel and Hamas. And as such, cyber criminals are going to take advantage of it. And so there were reports already that they have take advantage of a legit app called, RedAlert - Rocket Alerts. So what this app do is for those who download it, to receive notifications of incoming rockets targeting the country of Israel.



But the criminals were able to exploit it, as they created a malicious version:

The malicious RedAlert version imitates the legitimate rocket alert application but simultaneously collects sensitive user data. Additional permissions requested by the malicious app include access to contacts, call logs, SMS, account information, as well as an overview of all installed apps.

The service is run to gather data from victims’ phones and upload it to the actor’s secure server. The data is extensive and includes:

• SIM information, including IMEI and IMSI numbers, network type, country, voicemail number, PIN status, and more
• Full Contact list
• All SMS messages, including content and metadata for all statuses (e.g. received, outgoing, sent, etc.)
• A list of accounts associated with the device
• All phone calls and conversation details for including incoming, outgoing, missed, rejected, and blocked calls
• Logged-in email and app accounts
• List of installed applications

The malicious website is:

Code:

(hxxps://redalerts[.]me)

https://blog.cloudflare.com/malicious-redalert-rocket-alerts-application-targets-israeli-phone-calls-sms-and-user-information/

Who knows what's next, maybe there will be more malicious apps like this in the future that is somewhat related to the war. And if you crypto related apps and emails in your phone, this malware can obviously infect us and then this cyber criminals is going to drain our crypto wallet's fund.

So just be mindful of everything that we download on our phone so that we will not be the next victim.

[1714647897]

1714647897

[1714647897]

1714647897

[DaNNy001]

Wow, this is actually massive and although am not from Israel but I think warning should go for every crypto enthusiast out there. Especially when it comes to  giving out of specific user data to some apps we download and install in our mobile phones. And I think another way to avoid such ever scene happening to any user would be to actually have your Bitcoin wallet on a hardware device or avoid saving or using any mobile wallet software as they are vulnerable to series of different cyber hack and attacks from hackers and most these attacks you are actually the one who gives the go ahead permissions without even knowing.

*Edit *
Always be watching of the slight difference in the websites that we download our app and software from as scammers and hackers are always active in clowning original sites for their own evil activities.

[blckhawk]

I don't know about other countries but in my country, if you have a phone and it has a sim card with your number on it, it sends you an alert message of what impending disaster you're going to have to prepare although it's mostly earthquakes and typhoons, I am sure that a war or an invasion will definitely be sent through those alerts. You can check in your country if they do have that kind of system too so you don't have to rely on this kind of apps and risk downloading the malware kind and if you don't then just keep an eye on the news; international and local, also learn your geography so you're not needlessly worried when a war erupts.

[Z390]

Thanks for the heads up but I doubt there is any Israelites on here? Maybe I am wrong but it's fine to share on the forum at least, this is a massive one and very scary if you try to imagine things, it's not new that apps are target by bad actors to steal data and information from people, that's why I don't recommend using playstore for app downloading, some people think it's secure because it is from Google but it's not, it is better you find the official website of that app and click the download link from there.

If you want to download your favourite Bitcoin or crypto wallet do not use any app stores because the apps can be tampred with, always go to the wallets official website like Electrum and trust wallet websites, avoid using Google playstore.

[Baofeng]

I don't know about other countries but in my country, if you have a phone and it has a sim card with your number on it, it sends you an alert message of what impending disaster you're going to have to prepare although it's mostly earthquakes and typhoons, I am sure that a war or an invasion will definitely be sent through those alerts. You can check in your country if they do have that kind of system too so you don't have to rely on this kind of apps and risk downloading the malware kind and if you don't then just keep an eye on the news; international and local, also learn your geography so you're not needlessly worried when a war erupts.

Yeah mate, we are lucky that we have those in our country, and just like last week we have an earthquake and right after, our phones ring coming from our disaster committee.

But I understand what the OP wanted to meant here, and I remember that I have posted warnings before during the pandemic wherein hackers and criminals are taking advantage of the situation and created a lot of websites related to covid. But in the background it's full of malware and everything is fake and they just wanted you to download. And once you fall and download anything, it will install malicious code like malwares.

[ScamViruS]

But I understand what the OP wanted to meant here, and I remember that I have posted warnings before during the pandemic wherein hackers and criminals are taking advantage of the situation and created a lot of websites related to covid. But in the background it's full of malware and everything is fake and they just wanted you to download. And once you fall and download anything, it will install malicious code like malwares.

It is sad that some criminals try to take advantage of people's bad times to do activities that are very dangerous for certain people. There are still many people online who are not careful while installing any apps, making them easy prey for cybercriminals. They look forward to exploiting any bad situation in the world to carry out major scams. During Covid there were also various scamming websites that conducted fake fundraiser activities.

Hope this warning from Op will help those inexperienced people to avoid installing such apps.

[PX-Z]

As long as the app isn't uploaded on those popular play store alike sites/apps then it's alright. But if not, then we can simply report it so it would not cause any damage.

[Dunamisx]

This malicious red alert app is a disastrous rocket indeed that can penetrate with depth to it's victims, we must be very careful of what we see online and download, there are many apps we ought not to have on our device but we downloaded them all because we want a better digital experience, another mistake we often do is by downloading from the wrong web address that have been cloned by scammer, this gives them more ability to have assurance in their penetration into our privacy.

[TravelMug]

As long as the app isn't uploaded on those popular play store alike sites/apps then it's alright. But if not, then we can simply report it so it would not cause any damage.

Unfortunately, this hackers have way to circumvent play store and who knows, maybe later we will hear that they are spreading the links to play store. So still it can do damage if someone goes to their website and download it and think that it is a legitimate apps.

Thanks for the heads up but I doubt there is any Israelites on here?

This is not just a warning to Israelites here, my point it that anyone is vulnerable and hackers are going to take advantage like the geo-political incidents that we have right now. So they could evolved as well and then target crypto wallets. It's not just a one and done development for them. They will released iterations of their malware to the point that it become so sophisticated that it will take months or years for anti-virus or malware hunters to find it out. And then it's too late as it has spread already wrecking havoc and victimizing a lot of people along the way.

But I understand what the OP wanted to meant here, and I remember that I have posted warnings before during the pandemic wherein hackers and criminals are taking advantage of the situation and created a lot of websites related to covid. But in the background it's full of malware and everything is fake and they just wanted you to download. And once you fall and download anything, it will install malicious code like malwares.

Yes, this is what I'm trying to convey in this point, as I have said, this cyber criminals are intelligent and very quick to take advantage of any situation in their favor just to make money out of this poor individuals.

So this is a warning and everyone should be very careful on what they downloading and think about the source.