A recent report from TechCrunch has brought to light the operation of a Portuguese-language spyware named WebDetetive. According to the report, WebDetetive has infiltrated and compromised data of over 76,000 Android devices, with a majority of these breaches occurring in Brazil. Furthermore, a group of white hat hackers claim to have deleted a substantial amount of user data from the spyware’s servers, potentially providing relief to thousands of victims.
The report highlights how anonymous hackers identified and exploited weaknesses in the servers of WebDetetive. The hackers penetrated the Spyware Company’s web dashboard, where they could access user databases and other confidential records, such as customer emails.
Features of WebDetetive Spyware
- Stalkerware: WebDetetive is categorized as “stalkerware”, a type of spyware that is surreptitiously installed on victims’ phones, usually without their consent. The people behind this are often suspecting spouses or partners, although the motives can be more malicious.
- Spyware: Such software is also extensively used by government spyware agencies for surveillance purposes. The hackers’ compromise of WebDetetive’s servers might have helped thousands of victims have their data saved from being stolen.
How to Keep Your Data Safe
The data breach by WebDetetive underscores the significance of data protection. Here are some important tips to guard your digital privacy: Data Privacy: 10 Tips to Protect Your Digital Privacy
Evidence of the Hack
The hackers gave TechCrunch a data cache of around 1.5GB, allegedly stolen from WebDetetive’s dashboard. TechCrunch then authenticated some device identifiers in the cache by aligning them with endpoints on WebDetetive’s servers. However, TechCrunch was not able to independently verify the hackers’ claim that user data was deleted, although they did find a note by the hackers stating, “Which we definitely did. Because we could. Because #fuckstalkerware”.
What Information was Compromised?
The cache reportedly contained information pertaining to WebDetetive customers and specific details of the compromised device. However, it did not contain any contents retrieved from the victims’ phones.
Spyware, like WebDetetive, is often used by suspicious partners and government spy agencies alike.
According to TechCruch, the spyware had impacted 76,794 devices and collected data on more than 74,000 unique customer emails. Notably, the report emphasizes that stalkerware does not verify customer emails.
Connection with Other Spy Apps
WebDetetive’s operations seem to intersect with those of another spyware, OwnSpy, which was developed in Spain. TechCrunch’s review concluded that WebDetetive’s Android app incorporates a substantial amount of recycled code from OwnSpy. Subsequent to TechCrunch contacting the developer, notable parts of OwnSpy’s infrastructure have since been taken offline.
Unintended Consequences of White Hat Hacking
While white hat hacking operations like these appear to benefit victims of spyware, they may also bring unintentional negative consequences. For instance, severing connections to the spyware servers without notice could inadvertently alert the perpetrators who installed the spyware. This could further escalate the danger posed to the victims.
