Hard News Hard Hitting News Source Global Political News

Spyware App Compromised Over 60,000 Android Devices to Steal Sensitive Data

Spyware is software used as a surveillance application to collect sensitive information from victims and send it to the person who installed the application.

These apps stealthily hide on the victim’s device, which makes them difficult to detect.

Spyhide is one of the widely used spyware apps, which can be used by someone who wants to spy on their partner. This can be done only if the person knows the passcode of the victim’s device.

However, spyware is known to leak sensitive information when it is buggy.

Spyhide Exposed

Switzerland-based hacker maia arson crimew wrote in a blog post that the developers of Spyhide exposed a portion of the development environment, which allowed access to the source code of the web-based dashboard.

This web-based dashboard was vulnerable due to poor coding, which allowed access to its backend databases. Crimew was able to access enormous amounts of sensitive data relating to several victims worldwide.

Thousands of Spyhide Victims

According to reports, the backend database of Spyhide contained records of around 60,000 compromised devices, dating back to 2016. The database included call logs, text messages, and location history, along with photos and image metadata.

This data was fed into offline geospatial and mapping software, which showed a cluster of thousands of victims around Europe and Brazil.

There were around 3100 compromised devices in the United States, which also included the most surveilled victims on the network according to the location data.

One particular compromised device was found to have uploaded 100,000 data points, all of them located in the U.S. The database also contained 750,000 users who were planning to plant the spyware on another person's device.

In addition, statistical analysis showed that more than 4000 users were controlling more than one compromised device. Overall, the data consisted of 3.29 million text messages, 1.2 million call logs, 312k recording files, 925k contact lists, 382k photos and images, and 6000 ambient recordings.

Furthermore, the text messages from the compromised devices also contained highly sensitive data such as two-factor codes, password reset links, and much more.

Iranian Developers and Hetzner (German Hosting Provider)

Most spyware administrators hide their true identity in order to avoid legal and reputational risks.

Spyhide's developers also tried to hide their involvement, but the source code of Spyhide pointed to the original developers, Mostafa M and Mohammed A.

One of the developers, Mostafa M, was found to be residing in Dubai as per his LinkedIn profile.

The other developer was found through the registration of Spyhide’s domain. Both of the developers were found to have lived in the same northeastern Iranian city. 

Spyware is banned from the Google Play store, so users must download it from the software’s official website. In this case, Spyhide was hosted by the German hosting provider Hetzner. However, the domain was seized after Hetzner reported the spyware hosting.

Spyware apps masquerade as legitimate apps such as “Google Settings” or “T.Ringtone” with musical cog icons.

Spyware apps masquerading as legitimate apps (Source: TechCrunch)

Furthermore, TechCrunch conducted its own research on the app, which revealed details of its data transmission and several other pieces of information.

Users are advised to download applications only from legitimate application markets like the Google Play Store or App Store. It is also recommended to install spyware detection apps like Google Play Protect, which can detect spyware apps and prevent them from sending data.

Source: https://cybersecuritynews.com/spyware-app-compromised/
