WebDetetive, a Portuguese-language spyware company, has fallen victim to a hacker attack, with the attackers gaining access to its servers and databases. The company’s spyware was used to compromise over 76,000 Android phones across South America, mainly in Brazil.
The hackers claim to have exploited several vulnerabilities, including the security issues in the app’s dashboard that allowed them to breach WebDetetive’s servers and download every dashboard record. The intruders said they also deleted victim devices from the spyware network.
The attackers managed to scrape more than 1.5 gigabytes of data from the web dashboard, including 74,336 unique customer email addresses and other customer details like the IP addresses customers logged in from, purchase history, every device that each customer had compromised, which version of the spyware the phone was running, and the types of data that the app was collecting from the victim’s phone.
While not much is known about WebDetetive’s administrators, the stalkerware has been linked to OwnSpy, another notorious spyware app developed by a Madrid-based company Mobile Innovations.
According to the information on OwnSpy’s website, the service has been in operation since at least 2010 and has 50,000 customers.
This is not the first time a stalkerware company has been hacked. In June, the Poland-based developer behind the LetMeSpy phone monitoring app was breached, with the hackers stealing sensitive data collected by the app, including text messages, call logs and locations. In August, the spyware service provider announced that the LetMeSpy website and service will close permanently on August 31.
