There is a fully shaded industry for people who want to monitor and spy their families. Multiple application makers market their programs – sometimes referred to as AS Chaser – For jealous partners who can use these applications to access the phones of their victims remotely.
However, despite the sensitivity of these data, an increasing number of these companies loses huge amounts of them.
According to TECHCRUNCH, counting The latest data breach from SPYXThere have been at least 25 demanding companies since 2017 that are known to have been hacked, or customer and victims leakage on the Internet. This is not a typographical error: at least 25 companies have been hacked or a large data exposure in recent years. Four companies were hacked several times.
SPYX is the latest supplyor for this year that it was breached, although the breach itself dates back to mid -2014. The penetration reveals that the Spyx family of applications has been at risk of private phone data for nearly two million victims at the time of its breach.
Spyx breach comes after data is exposed to Spyzieand Planetary, spying Operations that left messages, photos, call records, personal and other sensitive data for millions of open victims on the Internet, according to a security researcher found an error that allows them to access these data.
Before this year, there were at least four huge breakfasts from the airport tools Spytech, an unknown spyware maker based in MinnesotaThat was exposed to the presence of activity records from phones, tablets and computers that were monitored using their spyware. Before that, there was a breach in MSPY, one of the tallest airport applications Millions of customer support ticketsWhich included the personal data of millions of its customers.
Previously, unknown hacker The US -based PCTATATTLETALE servers stormed its headquarters. Then the infiltrators stole and leak the internal data of the company. They also distorted the official PCTATTLETALE website with the aim of embarrassing the company. The infiltrator referred to a recent article by Techcrunch PCTATTLETALEAE has been used to monitor many receptions reception In an American hotel series.
As a result of this penetration, the leakage and disgrace process, the founder of PCTATTTTLETELE Brian Fleming He said he was closing His company.
Consumer spyware applications such as SPYX, CocOSPY, MSPY and PCTATTLETALE are usually referred to as “chaser tools” (or mousse) because jealousy husbands and partners use them to monitor and their loved ones in a hidden way.
These companies often explicitly market their products as solutions to capture fraud partners by encouraging illegal and immoral behavior. and There were multiple cases in courtand Press investigations and Home abuse surveys This indicates that online pursuit and monitoring can lead to cases of harm and violence in the real world.
For this reason, infiltrators targeted some of these companies over and over again.
Eva Galbenein, director of cybersecurity at the Electronic Border Foundation, a prominent researcher and activist who has investigated and fought the tools of staples for years, said that the chase tools industry “is a soft goal.”
“Perhaps the people who run these companies are not really the most accurate or really worried about the quality of their products,” Galberene told Techcrunch.
Looking at the history of concessions in the chasing tools, it may be low. Because of the lack of care for their customer protection – and thus the personal data of tens of thousands of unintended victims – the use of these applications is not responsible. Stalkerware customers may violate the law, abuse their partners by illegally spying them, and moreover, it endangers everyone’s data.
History of infiltrators of chases
The wave of chasing violations started in 2017 when a group of infiltrators US-based Retina-X violated and FlexiSpy based on Thailand Back back. These two penetrations revealed that companies have a total of 130,000 customers worldwide.
At that time, the infiltrators – proudly – said his responsibility for the concessions explicitly said that their motives were revealing and helping their hope to destroy an industry they considered toxic and immoral.
“I will burn them on the ground, and I don’t leave anywhere at all to hide any of them,” one of the infiltrators told the motherboard.
In reference to Flexispy, the infiltrator added: “I hope they collapsed and fail as a company, and they have some time to think about what they did. However, I am afraid that they might try to generate themselves again in a new form. But if they do that, I will be there.”
Despite the penetration, years of negative public attention, Flexiispy is still active today. The same cannot be said about Retina-X.
The infiltrator, who stormed the retina, spent his servers with the aim of obstructing his operations. The company wore – Then it was hacked again after a year. Two weeks after the second violation, Retina-X announced that it was stopped.
Just days after the second -eye retina breach, Mobistalth and Spy Master Pro hit infiltratorsGigabytes stolen from customer and business records, as well as the usual messages of victims and fine GPS sites. Another seller for chase programs, India -based spyhumanShe faced the same fate after a few months, as infiltrators steal text messages and call the descriptive data, which contain records of those who call and when.
After weeks, there was the first case of cross data, instead of penetration. Leave SPYFONE S3 A Amazon host online storage onlineWhich means that anyone can see and download text messages, photos, audio recordings, contacts, location, lightning passwords, login information, Facebook messages and more. All these data were stolen from the victims, and most of them did not know that they were spying, not to mention knowing that their most sensitive personal data was also on the Internet for everyone to see.
Other chase tools companies that have left over the years customer data and online victim data are Familyorbit, which left 281 GB of online personal data Only protected by password is easy to trust; MSPY, Which leaked more than 2 million customer records In 2018; Xnore, which Let any of its customers see the personal data of other customers’ goalsWhich included chat messages, GPS coordinates, emails, photos and more; Mobiispy, which left 25,000 audio recording and 95,000 photos On a servant that can be accessed from anyone; Kidsguard, which was The wrong servant of its composition, which leaked the content of the victims; PCTATTLETALE, which is also penetrated Exposed screenshots from the victims that have been loaded in the actual time To a website that anyone can access; And xnspy, whose developers Leave left accreditation data and special switches in the application codeAllow anyone to access the victims’ data; And now Spaisi, Coxy and spyThat left the letters of the victims, pictures, call records and other personal data, as well as the email addresses for customers, exposed online.
Regarding other chasing companies that have already hacked, regardless of Spyx, there was Copy9, who saw The infiltrator steals all the monitoring targetsIncluding text messages, WhatsApp messages, calls, photos, contacts, and Brows History; Letchespy, Which was closed after the violation of the infiltrators and wiped its servers; Webdetteive Brazil, That also got her serversAnd Then penetrate again; Ownspy, which provides a lot of Webdetive rear programs, has also been hacked; Spy, which had a security vulnerability in its symbol She allowed the infiltrator to reach the rear databases And years of about 60,000 victims’ data; OOSPY, Which was the reincarnation of espionage, Close for the second time; The latest MSPY penetration, which has nothing to do with the aforementioned leakage.
Finally there theetruthspy, a Chaser applications networkWhich carries the doubtful record of penetration or data leakage at least three sporadic Occasions.
Hate, but unreliable
Among these 25 companies from the chaser, eight were stopped, according to TECHCRUNCH.
In a first unique case so far, the Federal Trade Committee Boiled and Executive Spyfone, Scott ZuckermanFrom working in the monitoring industry after a previous security expiry exposed to victims’ data. Another process for the chase programs associated with Zuckerman, called Spytrac, After that closed After the Techcrunch investigation.
Phonespector and Highster, two other unknown companies have been hacked, Also close After the New York Prosecutor accused companies of explicitly encouraging customers to use their illegal monitoring programs.
But the company closing the company does not mean that it went forever. As with Spyhide and Spyfone, some owners and developers stand behind a closed chaser maker have been simply renamed.
“I think these infiltrators do things. They are accomplishing things, they put it in it,” said Glipin. “But if you think that if the chaser tools company penetrates, it will simply shake their grip, curse your name, and disappear in a puff of blue smoke and it is not seen again, and this is certainly not.”
“What happens most of the time, when I actually managed to kill the chasing tools company, is that Stalkerware comes like mushrooms after rain,” Galbenein added.
There is some good news. In the report last year, Malwarebytes said that The use of demand tools decreasesAccording to its data for customers with this type of program. Also, Galperin reports are witnessing an increase in the negative reviews of these applications, where customers or potential customers complain that they are not working as intended.
However, Galbenein said it could be good security companies in discovering chasing tools as they were, or the pursuit has moved from software -based monitoring to the physical monitoring they enable by Aartags and other followers that support Bluetooth.
“There are no demand tools in a vacuum,” Galberene said.
Say no to the chase utensils
The use of spyware to monitor your loved ones is not only immoral, but it is also illegal in most judicial states, because it is considered illegal monitoring.
This is already an important reason for not using chaser tools. After that, there is a problem that chasing tool makers have proven again and again that they cannot maintain data safe – not data that belongs to customers, victims or goals.
Regardless of spying on romantic partners and husbands, some people use chases applications to monitor their children. Although this type of use, at least in the United States, is legal, it does not mean the use of chasing tools to intrude on your children’s phone is not creeping and immoral.
Even if it is legal, Galberin believes that parents should not spy on their children without telling them, and without their approval.
If parents inform their children and get their stove, the parents must stay away from the applications of the insecure chases and are not trustworthy, and the use of the parents ’tracking tools integrated into Apple phones and tablets and Android devices That is safer and operates publicly.
Abstract of violations and leaks
Below is the full list of chasing tools that have been hacked or leaked sensitive data since 2017, in the time order:
It was updated on March 19, 2025, to include SPYX as the latest breach of the chaser.
If you or anyone you know need help, then the hotline of national violence (1-800-799-7233) provides free support around the clock throughout the week for victims of home abuse and violence. If you are in an emergency, call 911. The alliance against the tools of the chaser It has resources if you think your phone may be at risk with spyware.
https://techcrunch.com/wp-content/uploads/2024/05/getty-photo-mosh-stalkerware.jpg?w=1200
Source link