Tens of thousands of Android smartphones worldwide are secretly collecting private phone data using the phone spy app Spyhide, according to reports. A common stalkerware (or spouseware) programme that is installed on a victim’s phone by someone who knows their passcode is called Spyhide. The programme is intended to remain undetectable on the victim’s phone’s home screen, making it challenging to find and uninstall. Once installed, Spyhide uploads the phone’s contacts, messages, images, call records, recordings, and precise location invisibly and continuously.
Stalkerware apps are notoriously unstable and are known to spill, leak, or otherwise put victims’ stolen private data at increased risk of exposure, undermining the dangers that phone surveillance apps offer despite their stealth and extensive access to a victim’s phone data. The most recent spyware operation to be added to that growing list is called Spyhide.
The spyware manufacturer disclosed a piece of its development environment, according to Swiss hacker Maia Arson Crimew, who claimed in a blog post that this gave access to the source code of the web-based dashboard that abusers use to examine the stolen phone data of their victims. Crimew obtained access to the back-end databases by taking advantage of a flaw in the substandard dashboard programming, revealing the inner workings of the covert spyware operation and its presumed managers.
As per reports, up until the time of exfiltration in mid-July, Spyhide’s database had extensive records of around 60,000 hacked Android devices that had been around since 2016. These records included call logs, text messages, years’ worth of precise location history, and information on each file, including the dates that photos and videos were produced and uploaded, as well as the times that calls were made and for how long they were logged.
According to Tech Crunch, Spyhide’s surveillance network includes clusters of thousands of victims in Europe and Brazil and spans every continent. Despite the fact that there are only a small number of hacked devices in the U.S.—more than 3,100—they are nevertheless among the victims who are being monitored the most on the network due to the sheer volume of location data available. More than 100,000 location data points were covertly uploaded from one single U.S. cellphone by Spyhide.
Additionally, the database of Spyhide had information on 750,000 people who registered with the goal of installing the spyware app on a victim’s smartphone.
Also Read: “These” apps with spyware are stealing your data and sending it to China, report says
The vast majority of people who joined up did not compromise a phone or shell out money for the malware, according to the records, even if the sheer number of users implies an unhealthy propensity for utilising surveillance apps.
Follow FE Tech Bytes on Twitter, Instagram, LinkedIn, Facebook
