FTC Bans Support King, That is Linked to a New Phone Spying Operation


A TechCrunch investigation has shown that a notorious phone spying company, SpyFone, is back in business a year after the Federal Trade Commission banned it.

Apparently, a groundbreaking FTC order banned the stalkerware app, SpyFone, along with its parent company Support King, and its chief executive Scott Zuckerman from the surveillance industry. The regulator's five sitting commissioners unanimously approved the order, which also required Support King to retrieve the phone data it had wrongfully obtained, and inform victims that its software had been covertly placed on their devices.  

What is Stalkerware?

Stalkerware, or spouseware, refers to apps that are covertly installed by someone with physical access to a person's phone, frequently under the guise of family tracking or child monitoring. These apps are built to stay hidden from home screens while silently uploading the contents of a person's phone, including their text messages, photos, browsing history, and precise location information.

However, several stalkerware apps, such as KidsGuard, TheTruthSpy, and Xnspy, have security flaws that expose the private data of thousands of people to greater risks.

These apps also include SpyFone, whose unprotected cloud storage server leaked the private information taken from more than 2,000 victims' phones, leading the FTC to launch an investigation and subsequently ban Support King and its CEO Zuckerman from providing, distributing, promoting, or in any other way aiding the sale of spy apps.

Since then, TechCrunch has received further tranches of data, including data from the internal servers of the stalkerware programme SpyTrac, which is operated by programmers associated with Support King.

Thousands of Users' Smartphone Data Leaked by a Stalkerware

 

Hundreds of thousands of users' sensitive phone data is in danger. Due to a security flaw in commonly deployed consumer spyware, call logs, text messages, pictures, browser history, accurate geolocations, and call recordings might be easily retrieved from a user's phone. 

TechCrunch regularly emailed the developer, whose name is unknown, using all available and non-public email addresses, but its efforts to get the problem addressed have fallen by the wayside.

Attempts have been made to reach the spyware's creator because the security and privacy of thousands of people remain in jeopardy until the issue is resolved. Neither the spyware nor its creator has been named, since doing so would make it easier for cybercriminals to access users' vulnerable private data.

The security vulnerability was found as part of a broader consumer spyware study by TechCrunch. These programs, which are frequently advertised as kid tracking or monitoring software, are also known as "stalkerware" due to their capacity to follow and spy on people without their knowledge. Such spyware programs discreetly and continually redirect a person's phone contents, allowing its owner to follow a person's movements and whom they communicate with. Most people will be unaware that their smartphones have been hacked because these applications are intended to disappear from home screens to evade discovery or deletion. 

TechCrunch further reached out to Codero, the web business that hosts the developer's spyware technology, but the company didn't answer numerous requests seeking comment. Codero is no newcomer to stalkerware hosting; in 2019, the web host "took action" against stalkerware producer Mobiispy after it was discovered spewing thousands of pictures and audio recordings. 

“I’m disappointed, but not even a little surprised,” said Eva Galperin, director of cybersecurity for the Electronic Frontier Foundation. “I think we could reasonably characterize this type of behavior as negligent. Not only do we have a company that is making a product that enables abuse, but they are doing such a poor job of protecting the information that is being exfiltrated that they are opening the targets of this abuse to even greater abuse.”

Due to the obvious widespread availability of this simple-to-obtain malware, an industry-wide campaign was launched to combat it. Antivirus companies have tried to enhance the detection of stalkerware, and Google has also prohibited spyware companies from marketing their wares as a method to spy on a spouse's phone, but some developers are employing innovative techniques to circumvent the prohibition. 

Mobile spyware has a long history of security issues. Over a dozen stalkerware companies, including mSpy, Mobistealth, Flexispy, and Family Orbit, have been found to have been hacked, to have leaked data, or to have compromised data on people's phones in recent times.

KidsGuard, another stalkerware, had a security issue that revealed information on thousands of people's phones, and, more recently, pcTattletale, which advertises itself as capable of spying on a spouse's device, was exposing screenshots via easy-to-guess URL addresses.

The Federal Trade Commission prohibited SpyFone, a stalkerware software that also revealed the phone data of over 2,000 users, in September and required users to be notified that their devices had been compromised.

Beware of Stalkerware That Has Eyes On All of Your Social Media!


Dear social media mongers, amidst all the talk about the Coronavirus and keeping your body’s health in check, your digital safety needs kicking up a notch too.

Pretty recently, security researchers discovered what is being called “stalkerware”, which stalks your activities across social platforms such as WhatsApp, Instagram, Gmail, Facebook, and others.

‘MonitorMinor’, per the sources, is definitely the most formidable one in its line.

Stalkerware is “monitoring software”, or spyware, that is employed either by people with serious trust issues or by officials who need to spy for legitimate reasons.

With this extremely creepy kind of spyware, gathering information such as the target’s geographical location and messaging and call data is a cakewalk. Geo-fencing is another of its features.

This particular stalkerware is hitting the headlines this hard because MonitorMinor is able to spy on communication channels, such as most of our beloved messaging applications.

The discoverers of this stalkerware issued a report noting that on a “clean” Android system, direct communication between applications is blocked by the sandbox, which keeps spyware like this from gaining access to any social media platform’s data. This isolation comes from the model called “Discretionary Access Control” (DAC).

Per sources, the author of the stalkerware in question makes use of a “SuperUser-type app” (SU utility), if one is present, to obtain root access to the system.

The presence of the SU utility makes all the difference, for the worse: by manipulating it, MonitorMinor gains root access to the system.

The applications on the radar are BOTIM, Facebook, Gmail, Hangouts, Hike News & Content, Instagram, JusTalk, Kik, LINE, Skype, Snapchat, Viber, and Zalo-Video Call.

From lock patterns to passwords, MonitorMinor can dig out the files on the system that hold this data, and it can then use them to unlock devices. According to sources, this is the first stalkerware able to do so.

Per reports, the persistence mechanism relies on root access. The stalkerware remounts the system partition from its initial read-only mode to read/write, copies itself onto it, deletes itself from the user partition, and then returns the system partition to read-only mode.

Reports mention that even without root access, MonitorMinor can do a considerable amount of harm to targets. It can control events in apps by abusing the “Accessibility Services” API. A keylogger is also implemented via the same API to permit forwarding of contents.

Unfortunately, victims can’t do much to eradicate the stalkerware from their systems, yet.
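
A defender-side check for the accessibility-service abuse and hidden-icon behaviour described above, added here as an example and not taken from the researchers' report: it parses the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -3` and lists user-installed packages that hold an enabled accessibility service. The sample outputs, the `com.example.*` package names and the `launcher_packages` input are constructed assumptions.

```python
"""List third-party Android packages that hold an enabled accessibility service."""

# Constructed sample of: adb shell settings get secure enabled_accessibility_services
SAMPLE_A11Y = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService"
    ":com.example.syshelper/.CoreService"
    ":com.example.passwords/com.example.passwords.FillService"
)
# Constructed sample of: adb shell pm list packages -3   (user-installed packages)
SAMPLE_THIRD_PARTY = "package:com.example.syshelper\npackage:com.example.passwords\npackage:com.example.game\n"
# Assumption: packages known to show a home-screen icon, gathered separately.
SAMPLE_LAUNCHER = {"com.example.passwords", "com.example.game"}


def parse_components(settings_value):
    """Split the colon-separated 'package/class' list into (package, class) pairs."""
    value = settings_value.strip()
    if not value or value == "null":  # 'null' is printed when the setting is unset
        return []
    pairs = []
    for item in value.split(":"):
        package, sep, cls = item.partition("/")
        if not sep or not package:
            continue  # malformed entry, skip rather than guess
        if cls.startswith("."):  # shorthand: class name relative to the package
            cls = package + cls
        pairs.append((package, cls))
    return pairs


def parse_packages(pm_output):
    """Turn 'package:<name>' lines into a set of package names."""
    return {line.split(":", 1)[1].strip()
            for line in pm_output.splitlines() if line.startswith("package:")}


def audit(settings_value, third_party_output, launcher_packages):
    """Return findings for user-installed packages with an accessibility service,
    hidden-icon packages first."""
    third_party = parse_packages(third_party_output)
    findings = [
        {"package": pkg, "service": cls, "hidden": pkg not in launcher_packages}
        for pkg, cls in parse_components(settings_value)
        if pkg in third_party  # preinstalled services such as TalkBack are skipped
    ]
    return sorted(findings, key=lambda f: (not f["hidden"], f["package"]))


if __name__ == "__main__":
    for finding in audit(SAMPLE_A11Y, SAMPLE_THIRD_PARTY, SAMPLE_LAUNCHER):
        print(finding)
```

An app that has copied itself to the system partition, as in the rooted case described above, would no longer be listed as third-party, so on a rooted device every enabled service should be reviewed rather than only the `-3` set.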

Other functions of the stalkerware include:
• Access to real-time videos from the device’s camera
• Access to the system log, contact lists, internal storage contents, browsing history in Chrome, and usage stats of particular apps
• Access to sound recordings from the device’s microphone
• Control over the device’s SMS commands.

The security researchers' report made clear that the installation rate was highest in India, closely followed by Mexico, and then Germany, Saudi Arabia, and the UK.

Per reports, the researchers also have reason to believe that MonitorMinor might have been developed by an Indian, because they allegedly found a ‘Gmail account with an Indian name’ in the body of MonitorMinor.