{"id":498013,"date":"2023-06-28T14:27:50","date_gmt":"2023-06-28T12:27:50","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=498013"},"modified":"2023-06-28T14:30:26","modified_gmt":"2023-06-28T12:30:26","slug":"spyware-app-gets-hacked","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/498013-spyware-app-gets-hacked.html","title":{"rendered":"Spyware app gets hacked"},"content":{"rendered":"<p>A spyware app designed to help people track the location and activity of other Android smartphone users has been hacked, <a href=\"https:\/\/techcrunch.com\/2023\/06\/27\/letmespy-hacked-spyware-thousands\/\" target=\"_blank\" rel=\"noopener\"><strong>TechCrunch reports<\/strong><\/a>.<\/p>\n<p><a href=\"http:\/\/www.letmespy.com\/\" target=\"_blank\" rel=\"noopener\"><strong>LetMeSpy<\/strong><\/a> is an Android app marketed as a tool for parental or employee monitoring.<\/p>\n<p>However, it is one of several apps commonly abused by stalkers or abusive partners to spy on unsuspecting victims.<\/p>\n<p>Once installed on a target&#8217;s phone, it can relay text messages, call logs, and exact location data to the installer&#8217;s device.<\/p>\n<p>It does so in the background, and the user being tracked is usually unaware of its presence.<\/p>\n<p>TechCrunch said because of the extensive access privileges these apps require, they are infamously vulnerable to security flaws, and several have been hacked in the past few years.<\/p>\n<p>That has resulted in private phone data being exposed to people other than the original installer.<\/p>\n<p>TechCrunch first learned about the incident affecting LetMeSpy through a post on <a href=\"https:\/\/niebezpiecznik.pl\/post\/letmespy-android-wyciek-hacked\/\" target=\"_blank\" rel=\"noopener\"><strong>Polish security research blog Niebezpiecznik<\/strong><\/a>.<\/p>\n<p>When the blog contacted LetMeSpy for comment, the hacker responded instead.<\/p>\n<p>The hacker claimed they had deleted LetMeSpy&#8217;s databases, but a copy of the hacked database appeared online on the same day.<\/p>\n<p>TechCrunch verified the contents, which contained years of call logs and text messages from at least 13,000 devices going back to 2013.<\/p>\n<p>In a subsequent notice on its login page, LetMeSpy said it suffered an attack that led to unauthorised access to data on its servers.<\/p>\n<p>&#8220;The criminals gained access to e-mail addresses, telephone numbers and the content of messages collected on accounts,&#8221; the notice read.<\/p>\n<p>At the time of publication, LetMeSpy&#8217;s website live tracker showed it was tracking 0 devices, 0 text messages, 0 call logs, and 0 locations.<\/p>\n<p>An Internet Archive <a href=\"https:\/\/web.archive.org\/web\/20230129013309\/http:\/\/www.letmespy.com\/en\/\" target=\"_blank\" rel=\"noopener\"><strong>Wayback Machine-stored version of the website<\/strong><\/a> from 29 January 2023 showed it was tracking over 236,000 phones, 63.51 million messages, 39.71 million call logs, and 43.21 locations.<\/p>\n<hr \/>\n<h3 class=\"my-4\">Now read: <a href=\"https:\/\/mybroadband.co.za\/news\/security\/497571-these-cheap-android-phones-could-be-stealing-south-african-whatsapp-accounts.html\" rel=\"bookmark\">These cheap Android phones could be stealing South African WhatsApp accounts<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>LetMeSpy is designed to help people track the location and activity of other Android smartphone users and was supposedly installed on nearly a quarter of a million devices at one point in January 2023. <\/p>\n","protected":false},"author":341042,"featured_media":498047,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[87471,87473,18564,4536],"class_list":["post-498013","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-letmespy","tag-niebezpiecznik","tag-spyware","tag-techcrunch"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/498013"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341042"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=498013"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/498013\/revisions"}],"predecessor-version":[{"id":498063,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/498013\/revisions\/498063"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/498047"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=498013"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=498013"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=498013"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}