Home Spyware hack shows 76,000 phones breached

Spyware hack shows 76,000 phones breached

Aug 28 – A spyware maker’s servers and databases have been hacked. By exploiting flaws in the group’s web dashboard, the adversaries were able to download every dashboard record, including every customer’s email address.

Access to the dashboard enabled hackers to delete victims’ devices from the spyware network, severing the connection at the server level to prevent the devices from uploading new data. In other words, spouses who were using the software to spy on their partners could no longer illicitly have data uploaded onto the internet for future perusal.

The hackers sent a note to the spyware maker. Included with the note was a cache containing over 1.5 gigabytes of data. The data featured details pertaining to each customer and listed every device that each customer had compromised.

What is WebDetetive?

WebDetetive is a phone monitoring app that is surreptitiously added to a person’s phone without their consent. It’s often used by spouses who have their partners’ phone password. Once added, the app changes its icon on the phone’s home screen, rendering the software difficult to detect and remove.

Shortly thereafter, the spyware stealthily uploads the contents of a person’s phone to WebDetetive servers. Uploaded data can include messages, call logs, phone call recordings, photos, ambient recordings from the phone’s microphone, social media apps and real-time precise location data.

More information

DDoSecrets, a non-profit transparency group that catalogues leaked and exposed datasets for public good, received the compromised WebDetetive data and provided it to industry professionals for analysis.

To-date at the time of breach, researchers revealed that WebDetetive’s software was responsible for the compromise of 76,794 devices. Industry analysts were able to verify the authenticity of the data.

While WebDetetive’s origins remain a mystery, it has been linked to OwnSpy, another widely used phone spying app. For more on this story, please click here. Lastly, to receive more timely cyber security insights and cutting-edge analyses, please sign up for the cybertalk.org newsletter.