Fake ‘RedAlert’ Rocket Alert App for Israel Installs Android Spyware

Israeli Android users are targeted by a malicious version of the 'RedAlert – Rocket Alerts' app that, while it offers the promised functionality, acts as spyware in the background. RedAlert – Rocket Alerts is a legitimate open-source app used by Israeli citizens to receive notifications of incoming rockets targeting the country. ]me," which was created on October 12, 2023, and includes two buttons to download the app for the iOS and Android platforms.  The iOS download redirects a user to the legitimate project's page on the Apple App Store, but the Android button directly downloads an APK file to be installed on the device. Fake site used for distributing spyware (Cloudflare) Spyware alert The downloaded APK uses the legitimate code of the real RedAlert app, so it contains all the regular functionality and appears as a legitimate rocket alert tool. However, Cloudflare found that the application requests additional permissions from the victims, including access to the user's contacts, numbers, SMS content, list of installed software, call logs, phone IMEI, logged-in email and app accounts, and more.