TechCrunch has discovered that a relatively obscure spyware company based in Minnesota has been the victim of a hack, exposing surveillance details of thousands of devices globally.
TechCrunch obtained a trove of documents from an informant familiar with the situation, which included comprehensive logs of monitored devices – smartphones, tablets, and computers – with some data timestamped as recent as early June.
Verification of the authenticity of this data was partly achieved by examining some of the retrieved device logs, including those belonging to the firm’s CEO, who had the spyware installed on a personal device.
According to the data, Spytech’s software, notably Realtime-Spy and SpyAgent, has infiltrated over 10,000 devices since 2013. This includes a range of technology from Androids and Chromebooks to Macs and Windows PCs across the globe.
This incident places Spytech among a recent string of spyware developers who have themselves fallen prey to cyber exploits, marking the fourth such organization to be hacked this current year, as per a count by TechCrunch.
Nathan Polencheck, Spytech’s CEO, commented to TechCrunch that this was his first notification of the breach and that he hadn’t yet seen the data, stating, “I am investigating everything and will take the appropriate actions.”
Spytech produces remote access applications often classified as “stalkerware.” While marketed for parental monitoring, they are also sold for spying on partners, with the company’s site blatantly promoting these surveillance capabilities for tracking spouses.
Though it is legal to monitor children or employees under certain conditions, spying without an individual’s consent breaks the law, leading to legal action against both providers and users of such software.
These apps, once installed by someone with access to the target device, usually remain hidden and are challenging to detect or remove, collecting detailed data like keystrokes, browsing history, and location, and transmitting this to the person who installed the spyware.
The hacked data includes comprehensive logs of the spied-upon devices’ activities, pointing out the widespread use of Spytech’s software predominantly on Windows PCs but also affecting other platforms.
None of the device activity logs were encrypted, making the sensitive data readily accessible in the breach.
TechCrunch’s analysis of the compromised Android phones’ location data, which was mapped to maintain victim privacy, revealed significant concentrations of monitored devices in Europe and the US, along with scattered presences in other global regions.
Among the records was detailed geolocation information for Polencheck’s residence in Red Wing, MN.
Although the breach revealed considerable sensitive and personal information from individuals’ devices, the lack of sufficiently identifiable data about each device prevented TechCrunch from alerting the victims directly.
When inquired, the CEO did not confirm whether the company would notify its customers, the surveilled individuals, or the state authorities as mandated by breach notification laws. A spokesperson for the Minnesota attorney general’s office did not respond for a comment.
Spytech, with a history dating back to 1998, flew under the radar until a notable incident in 2009 involving the use of its spyware in a personal vendetta that affected a children’s hospital’s systems.
Another American spyware firm, pcTattletale, faced a similar fate with a data breach and defacement earlier in the year, ultimately leading to the shutdown and data deletion to avoid notifying the victims.
The compromised data was eventually acquired by the data breach service Have I Been Pwned, with 138,000 affected customers being listed.
Compiled by Techarena.au.
Fanpage: TechArena.au
Watch more about AI – Artificial Intelligence
