Amid Israel-Hamas conflict, hackers use ‘RedAlert’ rocket alert app to install spyware on Android devices

RedAlert, an open-source app that alerts Israeli citizens about incoming rockets is reportedly being used by threat actors to install spyware on Android devices.

RedAlert app | RedAlert rocket app | Redalert malware

The malware packed app offers the same functionality as the original version. (Express Photo)

Listen to this article

00:00

1x 1.5x 1.8x

RedAlert, an open-source app used by Israeli citizens to provide real-time rocket alerts of incoming rockets is reportedly being used by threat actors to install malware on Android devices.

According to a report by Cloudflare’s Cloudforce One Threat Operations Team, the malicious version of the app offers the same functionality as the legitimate app but accesses sensitive information like contacts, SMS, account information, call logs and list of apps installed on the device.

It goes on to say that the website for the malware-laden version of the app was created on October 12, almost a week after Hamas fired more than 5,000 rockets into Israeli airspace.

Here’s how the fake RedAlert website looked like. (Image Source: Cloudflare)

While the fake website includes links to both the iOS and Android versions of the app, clicking on the iOS button takes you to the Apple App Store. But if you tap the Android button, it downloads an APK that looks and works similarly to the original version.

Also Read | From made in India Pixels to govt schemes on Search, top announcements at Google for India

The infected version of RedAlert also features anti-debugging, anti-emulation and anti-test mechanisms, which makes it hard for researchers to inspect the code. However, the malware-packed Redalert app asks for more permissions compared to the original version on the Play Store.

In the last few days, apps that alert users of incoming missile strikes have become targets for threat actors. Another rocket alert app, called ‘Red Alert: Israel’, became the target for hackers, who exploited a vulnerability that allowed them to intercept requests and send fake alerts to some users, one of which includes a message that says ‘a nuclear bomb is coming.’

Top Stories

Mamata Banerjee addressed anti-SIR rally in Bongaon

Cities ‘Election yet to begin, but confrontation starts’: Mamata fumes after missing helicopter ride to rally, blames BJP

Actor Dharmendra dies at 89. (Photo: Express Archives)

Entertainment Dharmendra dies at 89: The 'macho' hero who broke boundaries, gave India both Sholay and Satyakam

Mumbai entrepreneur moves to Bangkok, India quality of life

Sports Yashasvi Jaiswal refuses to learn from his mistakes, gets out playing the cut shot again

Opinion The original thinker the thought elite didn’t celebrate — and should have

Live Blog

Loading Taboola...