image

BEWARE! Hackers Send Fake Rocket Alerts via Hacked Red Alert App

Pro-Palestinian hackers from AnonGhost apparently managed to hack the Red Alert app, whose sole purpose is to send missile and rocket alerts to Israelis.

In the midst of the ongoing conflict between Israel and Hamas, a group of Pro-Palestinian hackers operating under the moniker AnonGhost launched a cyberattack on the RedAlert app, causing chaos among Israeli citizens over the weekend.

Developed by Kobi Snir, an app developer and IoT researcher, the Red Alert App serves a critical purpose by providing real-time alerts whenever rockets, mortars, or missiles are fired into Israel from the Gaza region.

Singapore-based cybersecurity firm Group-IB confirmed the cyberattack. In a brief tweet, the company’s threat analysis team revealed that AnonGhost had exploited an API vulnerability within the Red Alert app.

The group successfully intercepted requests, exposing vulnerable servers and APIs, allowing them to employ Python scripts to send spam messages to some Israeli app users. This resulted in users receiving false missile alerts on their smartphones, further worsening the already dire situation in the country.

But the extent of the attack didn’t stop at fake rocket alerts. According to Group-IB’s Threat Intelligence system, AnonGhost also sent fabricated messages regarding a “nuclear bomb” attack on Israel.

One of the announcements from AnonGhost on Telegram boasts about the attack with the following words:

“Israel’s RedAlert phone app system hacked by AnonGhost + AG Members. Before this attack happened we have found that there are about 10,000 users online in this chat. All 10k to 20k users in this application will get the same notification.”

Furthermore, the group claimed that, aside from sending fake alerts and causing hysteria, the impact of this attack also includes disconnecting the user’s phone from the Internet and rendering the phone unusable, forcing the victim to purchase a new one. However, these claims remain unverified at this time.

Screenshot shared by AnonGhost shows the group has access to the app (Screenshot: Telegram – Hackread.com)
Screenshot shared by AnonGhost shows the group is sending fake nuclear bomb alert message through the app (Screenshot: Telegram – Hackread.com)

Hackread.com delved into these claims and discovered a video shared by AnonGhost on their Telegram channel, demonstrating that the group had exploited the RedAlert app to send emergency alerts about fictitious rocket and nuclear bomb attacks.

The Red Alert App is available on iOS; however, its Android version has been removed for unknown reasons

The conflict between Israel and Hamas ignited on October 7, 2023, when Hamas fighters launched a surprise attack on Israel, crossing the border from the Gaza Strip into Israeli territory. Hamas reported casualties among Israelis and claimed to have taken dozens of hostages.

Israel, on the other hand, characterized Hamas’ attack as unprovoked and an attempt to annihilate the country. Reuters reported that Israel responded with airstrikes on the Gaza Strip, resulting in the deaths of hundreds of Palestinians, including at least 20 children.

While the physical conflict raged on, cyber warfare unfolded in parallel. Pro-Palestinian and Pro-Israeli hacktivist groups engaged in online battles, targeting each other’s infrastructure through activities such as Distributed Denial of Service (DDoS) attacks, data leaks, doxing, and social engineering.

The ongoing conflict continues to have a digital dimension, as hacktivist groups on both sides strive to make their voices heard in the cyber realm, further escalating tensions in an already volatile situation.