A group of anonymous hackers have compromised a Brazilian spyware company’s systems and removed over 76,000 phones from its network, TechCrunch reports.
Citing an undated note, TechCrunch reported that the unnamed hackers described how they infiltrated WebDetetive’s [sic] servers and accessed its user base.
WebDetetive is a phone monitoring app that people with malicious or unethical intent might install on a person’s phone without their consent to keep track of their movements and phone activity.
It hides itself by changing its icon on the home screen and is difficult to detect and remove.
By exploiting vulnerabilities in the spyware company’s web dashboard, the hackers could enumerate and download each customer’s records, including their email addresses.
It should be noted that the customers are those who used WebDetetive’s spyware, not the victims unknowingly targeted by the software.
With extensive dashboard access, the hackers also alleged they were able to cut the connection between WebDetetive’s servers and victims’ devices, effectively deleting them from the company’s spyware network and preventing data from being uploaded further.
However, TechCrunch said it could not confirm that the hackers had indeed carried out this act of benevolence.
Included with the note was a cache of 1.5GB of data the hackers scraped from the dashboard, which was downloaded by a nonprofit transparency collective, DDoSecrets.
TechCrunch analysed the contents and verified it was authentic.
It included information on each customer that used the service, including the IP address they logged in from and what they purchased.
In addition, it revealed every device a customer had compromised, the version of the spyware installed on their device, and what types of data were collected.
The records showed 76,794 devices were compromised with WebDetetive spyware, while 74,336 customers had created accounts with the service.