WARNING: fake RedAlert rocket alert app for Israel is spyware

Oct 18 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that is your Iron Dome against the Hamastinians of cybercrime ✊

Today’s hottest cybersecurity news stories:

  • ⚠️ WARNING: fake RedAlert rocket alert app for Israel is spyware πŸ•΅οΈ

  • πŸ”’ Lockbit ransomware gang demands $80m from CDW corporation

  • 🚨 UPDATE: Signal confirms that zero-day vuln reports were straight bs πŸ’©

Israel versus MALestine 😬

 

giphy.com

 

🚨 Important Security Alert for Israeli Android Users 🚨

Dear valued subscribers, we want to keep you informed about a critical security issue affecting Israeli Android users. πŸ“±πŸ”’

What’s happening?

Hackers are exploiting the high demand for the ‘RedAlert – Rocket Alerts’ app due to recent rocket attacks in South Israel. A malicious version of the app is circulating, posing as the real thing but secretly collecting personal data πŸ•΅οΈβ€β™‚οΈ.

The Details:

πŸ” The legitimate ‘RedAlert’ app is used to receive rocket attack notifications and has over a million downloads.

🦠 Malicious actors created a fake website, “redalerts[.]me,” on October 12, 2023, offering both iOS and Android downloads.

πŸ€– The Android download provides an APK file that instals spyware on your device.

What to Watch Out For:

πŸ”’ Permissions: When installing the app, review the permissions it requests. If it asks for excessive access, it’s likely the fake version. To check permissions on an already installed app, long-press the icon, select ‘App info,’ and tap ‘Permissions.’

πŸ” Security Updates: Ensure you’re using the latest app version with security fixes to minimise the risk of hacks.

The fake site is currently offline, but we urge you to stay vigilant, as threat actors may resurface with a new domain.

Your safety is our top priority. Please share this alert with friends and family, and let’s keep our community safe together! 🀝

Stay safe, stay informed. πŸ’ͺπŸ“’

 

Clean your Mac or PC

 

Cybersecurity is more important than ever, and your Mac or PC are no exception. Over time, your Mac or PC can accumulate junk files, malware, and other threats that can slow it down and make it vulnerable to attack.

That’s where MacPaw comes in. MacPaw offers a suite of easy-to-use apps that can help you clean, optimize, and secure your Mac. With MacPaw, you can:

  • Remove junk files and malware to free up space and improve performance

  • Protect your privacy by erasing sensitive data

  • Optimize your startup settings to speed up boot times

  • Manage your extensions and apps to keep your Mac or PC running smoothly

Since 2008 MacPaw is trusted by over 30 million users worldwide, and it’s the perfect solution for keeping your Mac or PC safe and secure.

A Lockbit much, no? πŸ‘€

 

giphy.com

 

πŸ”’ CDW Corporation Faces LockBit Ransomware Attack: Data at Risk πŸ”’

πŸ‘‹ Dear subscribers, we have a concerning security update to share with you. The technology services giant CDW is currently dealing with a cyberattack by the LockBit ransomware gang, which claims to have accessed and threatens to leak the company’s data. 😱

CDW in the Spotlight:

🌐 CDW Corporation, a leading technology solutions provider, is now the focus of a LockBit ransomware attack. CDW serves a wide range of sectors, including government, education, and business. Their subsidiary, CDW-G, is dedicated to U.S. governmental entities, such as schools, universities, and healthcare organisations. πŸ’πŸ«πŸ’Ό

Ransom Demand and Negotiation:

πŸ’° LockBit ransomware gang demanded an astounding $80 million ransom, while CDW offered a mere $1.1 million. Negotiations broke down due to a substantial gap in the ransom amount. πŸ€πŸ’Έ

Response and Investigation:

πŸ•΅οΈβ€β™‚οΈ CDW quickly detected suspicious activity related to its subsidiary, Sirius Federal servers. They launched an investigation, collaborating with cybersecurity experts. CDW assures that these servers are “non-customer-facing” and isolated from their main network. πŸ•΅οΈβ€β™€οΈπŸ”

Data Exposure on the Dark Web:

🌌 Data stolen from CDW is reportedly available on the dark web. The company is actively reviewing this information and will take appropriate actions, including notifying affected parties. πŸŒπŸ’Ό

A Serious Ransom Demand

πŸ’₯ This attack stands out due to the gang’s staggering ransom demand, ranking among the top three largest public ransom demands known. πŸ“ˆπŸ”

CDW remains fully operational, but the situation is evolving. We’ll keep you updated as more information becomes available. Stay vigilant and ensure your cybersecurity measures are in place. πŸŒπŸ›‘οΈ

Stay safe, stay informed. πŸ’ͺπŸ“’

🎣 Catch of the Day!! 🌊🐟🦞

πŸƒΒ The Motley Fool: β€œFool me once, shame on β€” shame on you. Fool me β€” you can’t get fooled again.” Good ol’ George Dubya πŸ˜‚ Let us tell who’s not fooling around though; that’s the CrΓΌe πŸ‘€ at Motley Fool. You’d be a fool (alright, enough already! πŸ™ˆ) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! πŸ› Kidding aside, if you check out their website they’ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets πŸ€‘Β (LINK)


🚡 Wander: Find your happy place. Cue Happy Gilmore flashback πŸŒοΈβ›³πŸŒˆπŸ•ŠοΈ Mmmm Happy Place… πŸ˜‡ So, we’ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, it’s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway 🏞️😍 (LINK)


🌊 Digital Ocean: If you build it they will come. Nope, we’re not talking about a baseball field for ghosts βšΎπŸ‘»πŸΏ (Great movie, to be fair πŸ™ˆ). This is the Digital Ocean who’ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website you’ll find yourself catching the buzz even if you can’t code (guilty πŸ˜‘). But if you can and you’re looking for somewhere to test things out or launch something new or simply enhance what you’ve got, we’d recommend checking out their services fo’ sho πŸ˜‰ And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! 🌿 (LINK)

Another Signaling failure? πŸ“Ά

 

giphy.com

 

πŸš€ Signal Responds to Alleged Flaw Reports πŸ›‘οΈ

Signal, the encrypted messaging app, has addressed recent “viral reports” about a supposed zero-day vulnerability in its software. The company conducted a thorough investigation and found no evidence to support this claim.

πŸ” Signal’s Statement:

Signal stated that after a responsible investigation, they discovered no proof to suggest the alleged vulnerability is real. They also reached out to the U.S. government, which similarly found no information to validate the claim. If anyone possesses valid information, they’re urged to report it to security@signal[.]org. πŸ•΅οΈβ€β™‚οΈπŸ”

πŸ“± Security Precautions:

As a precaution, users have been advised to disable link previews in the app. This can be done by going to Signal Settings > Chats > Generate link previews. πŸ“΅πŸ“§

🌐 Zero-Day Vulnerabilities:

This news coincides with reports of zero-day vulnerabilities being sold for significant sums to infiltrate messaging apps like WhatsApp. Such flaws are lucrative for nation-state threat actors, as they can be used for covert surveillance and remote code execution on mobile devices. πŸŒŽπŸ’°

πŸ” Spyware Attacks on the Rise:

Amnesty International recently reported an increase in spyware attacks targeting journalists, politicians, and academics in the EU, the U.S., and Asia. The Predator spyware, developed by the Intellexa alliance, is a tool in these attacks. πŸ“’πŸ”

πŸ•΅οΈ The Cyber Operation Platform:

Predator spyware infections are managed through a web-based system called the “Cyber Operation Platform,” enabling attackers to access sensitive information from infected devices, including photos, location data, chat messages, and microphone recordings. πŸŒπŸ“ΈπŸŒ

🌐 Weaponizing Digital Advertising:

Commercial surveillance vendors are exploring ways to exploit the digital advertising ecosystem for global mobile device targeting and infection using ad networks. This underscores the increasing sophistication of cyber threats. πŸ’»πŸŒ

Stay informed and vigilant in the face of evolving cybersecurity challenges. πŸ€πŸ›‘οΈ

πŸ—žοΈ Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • πŸ’ŠΒ HealthHack:Β Tech is making it easier than ever to reach your fitness goals, from wearable devices to nutrition apps, this newsletter does the research for you, get all the latest health tech gadgets delivered to your inbox.

  • β‚Ώ Crypto Nutshell: A well written and beautifully designed newsletter giving you the lowdown on crypto and web3, highly recommend if interested to get up to date info on the crypto/web3 market.

  • 🧠 Big Brain: Trending AI news, jobs and tools delivered in 3 minutes per day.

Let us know what you think!

So long and thanks for reading all the phish!

Recent articles