Over the last few days hackers and trolls have targeted a slew of ICE spotting apps and their users in an apparent attempt to intimidate and stop them from reporting sightings of ICE. These hackers sent threatening text messages to users of StopICE, claiming their personal data has been sent to the authorities; attempted to wipe uploads on Eyes Up, which aims to document ICE abuses; and even sent push notifications to DEICER app users claiming their data has also been sent to various government agencies.
There is little evidence that hackers have actually provided data to the government. But it shows that apps like these, many of which Apple and Google have already kicked from their respective app stores, in some cases after direct government pressure, can be targeted by hackers or those looking to harass their users.
“Yes there is a targeted spike in attacks targeting similar [sites],” Sherman Austin, the developer of StopICE, told 404 Media in an email.
Archive: http://archive.today/iOfNf
If a troll can send mass push notifications through your app you’re doing security wrong.
Most of these apps were probably put together in a massive rush in response to people suddenly becoming aware of the threat that ICE poses. My guess would be that the most egregious security flaws are a result of vibe-coded (i.e. AI generated) code where it really shouldn’t be.