Hacktivists hit Israeli rocket warning apps
Islamist hacktivist group AnonGhost hijacks Red Alert: Israel to sow panic among Israeli population.
The Group-IB cybersecurity firm revealed on October 9, 2023, that AnonGhost, an Islamist and pro-Palestinian hacktivist group, hacked the Red Alert: Israel app. The latter, which has a million downloads in the country, is intended to report attacks to the population, particularly rocket alerts, and encourage them to seek shelter.
AnonGhost exploited a vulnerability in Red Alert: Israel to intercept requests and send false information. On October 8, 2022, the hacktivists thus used the app to announce an incoming nuclear attack on Israel, in order to spread panic in the population. Red Alert: Israel was subsequently removed from mobile app stores.
Cloudfare reports that soon after, on October 12, 2023, a fake website impersonated a similar app, Red Alert: Rocket Alerts. The website contained download links and, while the iOS version led to the legitimate app, the Android one led to a malicious version.
Although the latter looked like the real Red Alert: Rocket Alerts, it allowed cybercriminals to steal data from infected devices. Upon install, the app requested access to contacts, call logs, text messages, account information and its list of installed apps. It was then able to transfer this data to third parties. The malicious website is now offline.