Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Home Mobile Security Amazon Faces Criticism For Still Hosting Stalkerware Victims' Data
AWS Credentials Mobile Security Spyware Stalkerware User Privacy

Amazon Faces Criticism For Still Hosting Stalkerware Victims' Data

Three surveillance apps were recently detected employing Cloudflare and AWS infrastructure to store exfiltrated sensitive data.
Wednesday, March 19, 2025

 

Amazon is drawing fire for hosting data from the Cocospy, Spyic, and Spyzie apps weeks after being notified of the problem, as the spyware firms continue to upload sensitive phone data of 3.1 million users to Amazon Web Services (AWS) servers. 

Last month on February 20, threat analysts at TechCrunch, an American global news outlet, notified Amazon of the stalkerware-hosted data, including exact storage bucket information where the stolen data from victims' phones was stored. However, as of mid-March, no firm steps have been taken to disable the hosting servers. 

In response, AWS thanked TechCrunch for the tip and sent a link to its abuse report form. In response to this statement, Ryan, the AWS spokesperson stated, "AWS responded by requesting specific technical evidence through its abuse reporting form to investigate the claims. TechCrunch declined to provide this evidence or submit an abuse report.”

The Android apps Cocospy, Spyic, and Spyzie share identical source code and a security vulnerability that can be easily exploited. The flaw abuses poorly secured servers used by the apps, allowing external access to exfiltrated data. The servers employed by the apps have Chinese origins and store data on Cloudflare and AWS infrastructure.

On March 10, TechCrunch notified Amazon that the Spyzie app was also uploading stolen data to its own Amazon bucket. According to Amazon, AWS responds to complaints of abuse and has stringent acceptable usage guidelines. The company's procedural reaction, however, has come under fire for taking too long to take action regarding hosting stolen data.

Ryan clarified that AWS responded quickly and made repeated requests for the technical data required to conduct the investigation, which TechCrunch declined. He went on to say: "AWS's request to submit the findings through its publicly available abuse reporting channel was questioned by the outlet, which declined to provide the requested technical data.” 

Stalkerware thrives on direct downloads, despite being banned from major app stores like Google Play and Apple's App Store. While some sellers say that the apps are for legal purposes, their capabilities are frequently utilised in ways that breach privacy regulations.
Tags: AWS Credentials Mobile Security Spyware Stalkerware User Privacy
Share it:

AWS Credentials

Mobile Security

Spyware

Stalkerware

User Privacy