- A vigilante hacker targeted an Android spyware company called SpyHuman.
- The hacker exposed massive amounts of data of SpyHuman clients and marks.
- Hacks like these should cause consumers to think twice about using spyware products.
In the old days, if you suspected your romantic partner of cheating on you, you had to hire a private detective to follow them and gather evidence. But if you find yourself questioning your lover’s fidelity in the smartphone age, all you gotta do is install some spyware on their phone.
However, if you’re using nefarious means to obtain your partner’s smartphone data, how safe do you think that data is? Judging by the recent news (via Motherboard) that a hacker stole massive amounts of data from an Android spyware firm, it’s not safe at all.
The company targeted by the unnamed hacker is the bluntly-titled firm SpyHuman, which promotes itself as a way to monitor the smartphone usage of employees and children. However, previous official promotional materials for the company – like this – advertised the notion of using its product to spy on romantic partners as well.
Like other spyware, SpyHuman’s product monitors smartphone usage and relays that information to a client. In order for it to work, the client must have physical access to the device to install SpyHuman’s spyware; but once it’s installed, it can run silently in the background with the mark none-the-wiser.
According to the company’s website, it can supply a client with phone calls and text messages, GPS locations, WhatsApp and Facebook messages, and can even remotely turn on the device’s microphone. All information is recorded and relayed to a dashboard which the client can check in real time.
And a hacker just accessed that information.
You gotta love it when the companies you pay to hack get hacked themselves.
“These spy apps should be out of market, most people spy on girls and [their] data image […] always sensitive,” the hacker wrote in a message after performing the hack. “No one have rights to do that and same these apps and provider making money by doing this.”
An intermediary between the unnamed hacker and Motherboard independently verified the hack. He reported that over 440 million call details were available via SpyHuman’s site, accessible by anyone with the know-how.
The intermediary showed the Motherboard representative a video the hacker made on how to perform the hack. Using the hacker’s spyware, it’s as easy as creating a free account and launching the program. After doing so, you see a steady stream of text messages filling the screen.
Google could end late security updates with new OEM agreements
SpyHuman then confirmed that the data belonged to its customers.
“We deeply care about our customers and the privacy of our customers’ data. After [receiving news of the hack], we immediately took actions to secure our system,” the company wrote.
Whether or not you agree with the ethics behind businesses that make money off spying on other people, it is undeniable that spyware companies will always be targets of vigilante hackers. If you find yourself mulling over the idea of spying on your children, spouse, or employees, ask yourself if you’d be comfortable with that information becoming public. Because hackers like this one are out there and they are dead set on bringing spyware companies down.
July 9, 2018 at 12:46PM