Tag Archive for: ‘Stalkerware’

Hackers uncover new TheTruthSpy stalkerware victims: Is your Android device compromised?

/in


eyes on a blue background with a phone featured prominently with location markers falling out of it, suggestive of a leak

Image Credits: Bryce Durbin / TechCrunch

A consumer-grade spyware operation called TheTruthSpy poses an ongoing security and privacy risk to thousands of people whose Android devices are unknowingly compromised with its mobile surveillance apps, not least due to a simple security flaw that its operators never fixed.

Now, two hacking groups have independently found the flaw that allows the mass access of victims’ stolen mobile device data directly from TheTruthSpy’s servers.

Switzerland-based hacker maia arson crimew said in a blog post that the hacking groups SiegedSec and ByteMeCrew identified and exploited the flaw in December 2023. Crimew, who was given a cache of TheTruthSpy’s victim data from ByteMeCrew, also described finding several new security vulnerabilities in TheTruthSpy’s software stack.

SPYWARE LOOKUP TOOL

You can check to see if your Android phone or tablet was compromised here.

In a post on Telegram, SiegedSec and ByteMeCrew said they are not publicly releasing the breached data, given its highly sensitive nature.

Crimew provided TechCrunch with some of the breached TheTruthSpy data for verification and analysis, which included the unique device IMEI numbers and advertising IDs of tens of thousands of Android phones recently compromised by TheTruthSpy.

TechCrunch verified the new data is authentic by matching some of the IMEI numbers and advertising IDs against a list of previous devices known to be compromised by TheTruthSpy as discovered during an earlier TechCrunch investigation.

The latest batch of data includes the Android device identifiers of every phone and tablet compromised by TheTruthSpy up to and including December 2023. The data shows TheTruthSpy continues to actively spy on large clusters of victims across Europe, India, Indonesia, the United States, the United Kingdom and elsewhere.

TechCrunch has added the latest unique identifiers — about 50,000 new Android devices — to our free spyware lookup tool that lets you check if your Android device was compromised by TheTruthSpy.

Security bug in TheTruthSpy exposed victims’ device data

For a time, TheTruthSpy was one of the most prolific apps for facilitating…

Source…

Protect Yourself From Abuse: How to Find and Remove Stalkerware on Your Phone and PC

/in


What if your phone calls, texts, FaceTime sessions, and GPS locations were being logged without your consent? What if they were all being sent to a tech-savvy stalker—often a former romantic partner or an abusively controlling current partner—who had gotten malware onto your phones, tablets, and pcs, effectively bugging them? That’s the unsettling job of stalkerware, a type of commercially available software designed to spy on victims without being detected.

Stalkerware can operate stealthily, so you probably wouldn’t know if your devices had it installed. According to a 2020 report from cybersecurity company Kaspersky, a majority of people with stalkerware on their devices don’t even know that the type of software exists, meaning they can’t protect themselves from it. We’ll help you understand what stalkerware is, how to remove it from your devices, and how to make sure stalkers can’t install it on your devices again, once they are clean.

What Stalkerware Is and Why It’s Considered Abusive

Make no mistake, stalkerware is a form of abuse. According to the Coalition Against Stalkerware (CAS), this type of software “may facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence.” Stalkerware is often marketed as a way to spy on current or former romantic partners, but it can also be found packaged as parental control software or employee tracking solutions.

Stalkerware programs’ legal status is vague in most countries. In many places, the software itself can be distributed legally. Using stalkerware to monitor someone, however, may be a punishable offense. The people who create stalkerware usually mention this in the terms and conditions, stating that you must not use the software in a manner that is illegal in the country or territory in which you live.

Technology-enabled abuse isn’t limited to stalkerware. Abusers can use seemingly innocuous utilities and built-in parental control apps like the “Find My” and Screen Time functions on Apple devices to keep tabs on their partner’s whereabouts and activity. Google’s Family Link application can be similarly used and abused by stalkers to track survivors or limit the sites they can…

Source…

Move aside malware, the rising threat is stalkerware

/in


  • Cyberattacks, fraud, phishing, breaches and hacks have increased in sophistication, focus and capability, says an expert.
  • Criminals are becoming much more focused – instead of distributing encrypted files widely, they pick a target and find out all they can about that target.
  • In SA half of all companies surveyed suffered a ransomware attack in the past year, which led to an average of seven days of downtime.

Consumers must remain vigilant when it comes to their online activities if they are to keep themselves safe from the growing threat of cyberattacks – especially as criminals become more focused and sophisticated.

Moreover, stalkerware – a more focused form of cyber-attack – is on the rise. 

Lehan van den Heever, enterprise cyber security advisor for Kaspersky in Africa, explains that stalkerware is focused on specific individuals.

Among other things, stalkerware can enable the perpetrator to track a victim’s location, read their messages, view their photos and videos, eavesdrop on telephone conversations, and see everything typed on the keypad.

Cyberattacks, fraud, phishing, breaches and hacks have increased in sophistication, focus and capability, according to Anna Collard, senior vice president of content strategy at KnowBe4 Africa.

“Every front is vulnerable, every corner at risk, and the skills required to support organisations in the battle are rare, expensive and hard to find. Furthermore, there is a pressing need to empower women within the cybersecurity space,” she says.

No one immune

These warnings come on the back of an attack on Virgin Active’s systems on Friday.

On Friday evening, the gym group announced that it had become aware of a cyber-attack and that its security experts “immediately started working with cyber-security experts to carefully contain, manage and investigate the cyber event,” it said in a notice posted on its site.  

This was after its site had been inaccessible for some time during the day. 

It said it had been targeted by “sophisticated cybercriminals” and had taken its systems offline as it attempted to resolve the issue. 

There was no indication that any data had been removed from its systems, Virgin Active said. 

Ransomware? Don’t…

Source…

Introduction to Traced Mobile Security & Privacy

/in