A US spyware maker called Spytech has been breached, leading to sensitive data it held on thousands of its victims being leaked online.
A report from TechCrunch, which has seen the stolen data and confirmed its authenticity, notes that an unidentified person “with knowledge of the breach” reached out to the publication and shared an unencrypted cache of files grabbed from the company’s servers.
The files contained detailed device activity logs from the endpoints the spyware was monitoring, including the location of each individual device.
Caught off guard
TechCrunch ran the files through offline tools, and concluded more than 10,000 devices may have been compromised.
The majority of mobile-only victims are located in Europe and the United States, with notable “pockets” of victims in Africa, Asia and Australia, and the Middle East. The good news is that there was not enough personally identifiable information to link the data to actual people.
This also means that the publication was not able to notify the affected individuals. It did, however, reach out to the company’s Chief Executive Officer (CEO), Nathan Polencheck, who was caught off guard by the news, saying this “was the first I have heard of the breach and have not seen the data you have seen so at this time all I can really say is that I am investigating everything and will take the appropriate actions.”
Spytech operates two spyware apps - Realtime-Spy and SpyAgent. The majority of the infected endpoints are Windows devices, with Androids, Macs and Chromebooks being compromised to a lesser extent.
Spyware of this kind, often also called spouseware, consists of commercial apps that are advertised as a way to keep track of children, employees, and romantic partners. However, since they remain hidden on the device they’re installed on, people often install them without the victim’s knowledge or consent, which is both unlawful and unethical.