become.1 GmbH - Phishing Warning Triggered by Default Firebase Auth Domain – Incident details

All systems operational

Phishing Warning Triggered by Default Firebase Auth Domain

Resolved
Operational
Started 5 months agoLasted 4 days

Affected

App

Under maintenance from 7:40 AM to 3:35 PM, Operational from 3:35 PM to 6:36 AM

Updates
  • Resolved
    Resolved

    We want to inform you that the recent login and security issues reported by some users have been successfully resolved.

    Thanks to your timely feedback and alerts, our teams were able to respond quickly and implement a solution. The fix is already live in our production systems, and DNS updates will be fully completed within the next 24 hours.

    We are currently monitoring all systems closely to ensure everything continues to work smoothly and securely.

    Thank you again for your attention and support — your input was crucial in helping us respond swiftly and effectively.

  • Monitoring
    Monitoring

    Issue was solved and tested on our test environments. Waiting for external actions to deploy the solution to production.

  • Identified
    Identified

    A phishing warning was reported during login to the become1 app due to the use of Firebase’s default authentication domain ([PROJECT_ID].firebaseapp.com).
    Use of Firebase’s shared default domain, which is occasionally flagged due to misuse by other applications.