Trusted Design

RedAlert Trojan Campaign: Fake Emergency Alert App Spread via SMS Spoofing Israeli Home Front Command

概要

A malicious SMS spoofing campaign is spreading a fake version of Israel's 'Red Alert' emergency app amid ongoing conflict. The trojanized Android app, disguised as a trusted warning platform, can steal SMS, contacts, and location data while appearing legitimate. The campaign exploits public fear during crises to deploy mobile spyware. The malware uses sophisticated techniques to bypass security checks, including package manager hooking and dynamic payload loading. It mirrors the official app's interface but requests high-risk permissions. The malware continuously tracks GPS coordinates and exfiltrates data to attacker-controlled infrastructure, posing severe strategic and physical security risks. This campaign erodes trust in emergency response systems and could potentially be used for targeted attacks or to optimize missile targeting.

Created: 2026-03-04

Indicators

• hostname - api.ra-backup.com -
• URL - https://api.ra-backup.com/analytics/submit.php -
• FileHash-MD5 - 9c6c67344fecd8ff8dbbee877aad7efc -
• URL - https://www.shirideitch.com/wp-content/uploads/2022/06/RedAlert.apk -
• FileHash-SHA256 - 83651b0589665b112687f0858bfe2832ca317ba75e700c91ac34025ee6578b72 -

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る