Bitcoin btc
$ usd

Hackers Break Into Stalkerware Potentially Helping Thousands of Victims

2 mins
Updated by Michael Washburn
Join our Trading Community on Telegram

In Brief

  • A report reveals that Portuguese spyware WebDetetive compromised over 76,000 Android devices, mostly in Brazil.
  • White hat hackers claim to have hacked WebDetetive servers, deleting user data and severing links to potentially help thousands.
  • Hacking like this has risks, as it could unintentionally alert abusers who installed the spyware and further endanger victims.
  • promo

A report from TechCrunch reveals that Portuguese-language spyware called WebDetetive has compromised over 76,000 Android devices, predominantly in Brazil. However, white hat hackers claim to have deleted user data from its servers, potentially helping thousands.

The report states that unnamed hackers discovered and exploited vulnerabilities in WebDetetive’s servers. By hacking the spyware company’s web dashboard, the hackers accessed user databases and downloaded records, including customer emails.

According to the report, the dashboard hack also allowed the white hat hackers to sever connections between victims’ devices and WebDetetive’s servers. The hackers claimed this prevented devices from sending new data to WebDetetive.

WebDetetive is a type of software called “stalkerware,” a subgroup of spyware that is usually put on victims’ phones without their consent. Usually by a partner or spouse who suspects infidelity, but the reasons can be even more sinister.

Spyware is also incredibly popular among government spy agencies for surveillance purposes. By compromising WebDetetive’s servers, the hackers have potentially saved thousands from having their data stolen

Keep your data safe with these handy tips: Data Privacy: 10 Tips to Protect Your Digital Privacy

The hackers provided TechCrunch with a 1.5GB cache of data stolen from WebDetetive’s dashboard. The publication verified the authenticity of some device identifiers in the cache by matching them to endpoints on WebDetetive’s servers.

However, the outlet was not able to independently confirm that the hackers deleted user data, as claimed. Although, in a note seen by TechCrunch, the hackers wrote:

Which we definitely did. Because we could. Because #fuckstalkerware.”

Per the report, the cache contained information about WebDetetive customers and details on each compromised device. However, it did not include any contents taken from victims’ phones.

Hacker Sells Data, Singapore, Monero, XMR, Razer, gaming hack
Stalkerware is often used by partners that suspect infidelity, but government spy agencies also use it too.

TechCrunch indicates the data showed WebDetetive had impacted 76,794 devices and contained info on over 74,000 unique customer emails. The report notes the stalkerware does not verify customer emails.

WebDetetive Linked to Another Spy App

Furthermore, WebDetetive also appears to be connected to another spyware called OwnSpy, developed in Spain. TechCrunch’s analysis found WebDetetive’s Android app contains largely recycled OwnSpy code.

Portions of OwnSpy’s infrastructure reportedly went offline shortly after TechCrunch contacted its developer.

However, white hat hacking such as this can have unintended consequences. Severing connections without warning could unintentionally alert the abusers who installed the spyware. This, in turn, could put victims in further danger.


In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.

Josh Adams
Josh is a reporter at BeInCrypto. He first worked as a journalist over a decade ago, initially covering music before moving into politics and current affairs. Josh first owned...