A report from TechCrunch reveals that Portuguese-language spyware called WebDetetive has compromised over 76,000 Android devices, predominantly in Brazil. However, white hat hackers claim to have deleted user data from its servers, potentially helping thousands.
The report states that unnamed hackers discovered and exploited vulnerabilities in WebDetetive’s servers. By hacking the spyware company’s web dashboard, the hackers accessed user databases and downloaded records, including customer emails.
Stalkerware Sends User Data to a Central Server Without Consent
According to the report, the dashboard hack also allowed the white hat hackers to sever connections between victims’ devices and WebDetetive’s servers. The hackers claimed this prevented devices from sending new data to WebDetetive.
WebDetetive is a type of software called “stalkerware,” a subgroup of spyware that is usually put on victims’ phones without their consent, typically by a partner or spouse who suspects infidelity, though the reasons can be even more sinister.
Spyware is also incredibly popular among government spy agencies for surveillance purposes. By compromising WebDetetive’s servers, the hackers have potentially saved thousands from having their data stolen.
The hackers provided TechCrunch with a 1.5GB cache of data stolen from WebDetetive’s dashboard. The publication verified the authenticity of some device identifiers in the cache by matching them to endpoints on WebDetetive’s servers.
However, the outlet was not able to independently confirm that the hackers deleted user data, as claimed. Although, in a note seen by TechCrunch, the hackers wrote:
“Which we definitely did. Because we could. Because #fuckstalkerware.”
Per the report, the cache contained information about WebDetetive customers and details on each compromised device. However, it did not include any contents taken from victims’ phones.
TechCrunch indicates the data showed WebDetetive had impacted 76,794 devices and contained info on over 74,000 unique customer emails. The report notes the stalkerware does not verify customer emails.
WebDetetive Linked to Another Spy App
Furthermore, WebDetetive also appears to be connected to another spyware called OwnSpy, developed in Spain. TechCrunch’s analysis found WebDetetive’s Android app contains largely recycled OwnSpy code.
Portions of OwnSpy’s infrastructure reportedly went offline shortly after TechCrunch contacted its developer.
However, white hat hacking such as this can have unintended consequences. Severing connections without warning could unintentionally alert the abusers who installed the spyware. This, in turn, could put victims in further danger.