1

NextDNS blocking legitimate Israeli rockets alert app

I noticed that redalert.me is being blocked by Threat Intelligence Feeds:

However, this is a legit domain used by the open source RedAlert app.

According to Cloudflare, there is a malicious domain at redalerts[.]me (notice the s), but redalert.me is legitimate:

In the last two days, a new malicious website (hxxps://redalerts[.]me) has advertised the download of well-known open source application RedAlert by Elad Nava (https://github.com/eladnava/redalert-android). Domain impersonation continues to be a popular vector for attackers, as the legitimate website for the application (hxxps://redalert[.]me ) differs from the malicious website by only one letter. Further, threat actors continue to exploit open source code and deploy modified, malicious versions to unsuspecting users.

It seems to me like the legitimate domain was accidently blocked. Please remove it from the blocklist.

Reply

null

Content aside

  • 1 Likes
  • 5 mths agoLast active
  • 49Views
  • 1 Following