Researchers have uncovered a mobile spyware campaign distributing a trojanized version of Israel’s “Red Alert” rocket warning Android app through SMS messages impersonating official emergency communications. The malicious app retains its legitimate alert functionality to appear trustworthy while secretly collecting sensitive data such as SMS messages, contacts, location information, and installed app details. Stolen data is then transmitted to attacker-controlled servers. The campaign demonstrates how attackers exploit public trust in emergency services and current events to deploy mobile espionage tools. The findings highlight the importance of verifying app sources and monitoring unusual device behavior during periods of heightened social engineering activity.
Read the full report here.
