The hackers said that dashboard access also allowed them to delete victim devices from the spyware network altogether, effectively severing the connection at the server level to prevent the device from uploading new data. “Which we definitely did. Because we could. Because #fuckstalkerware,” the hackers wrote in the note.
This could actually lead to negative outcomes for victims, if their attacker/stalker gets a notification that the connection is broken (the article also mentions this toward the end).
Once planted, the app changes its icon on the phone’s home screen, making the spyware difficult to detect and remove. WebDetetive then immediately begins stealthily uploading the contents of a person’s phone to its servers, including their messages, call logs, phone call recordings, photos, ambient recordings from the phone’s microphone, social media apps, and real-time precise location data.
Leaving this information in servers accessible to anyone willing to put a few dozen hours into picking away at them is terrifyingly negligent. The market for this app is parents and significant others, people who traditionally care about you. At that point, you’ve already failed them and yourself.
A Portuguese-language spyware called WebDetetive has been used to compromise more than 76,000 Android phones in recent years across South America, largely in Brazil.
In an undated note seen by TechCrunch, the unnamed hackers described how they found and exploited several security vulnerabilities that allowed them to compromise WebDetetive’s servers and access its user databases.
DDoSecrets, a nonprofit transparency collective that indexes leaked and exposed datasets in the public interest, received the WebDetetive data and shared it with TechCrunch for analysis.
But while the breached data itself reveals few clues about WebDetetive’s administrators, much of its roots can be traced back to OwnSpy, another widely used phone spying app.
We ran a network traffic analysis to understand what data was flowing in and out of the WebDetetive app, which found it was a largely repackaged copy of OwnSpy’s spyware.
By TechCrunch’s count, at least a dozen spyware companies in recent years have exposed, spilled, or otherwise put victims’ stolen phone data at risk of further compromise because of shoddy coding and easily exploitable security vulnerabilities.
The original article contains 1,244 words; the summary contains 175 words. Saved 86%. I'm a bot and I'm open source!