Notorious spyware app shuts down after attacker breaches and deletes server data


LetMeSpy, a commercial spyware product that consumers could buy and use to spy on Android devices, is shutting down as the direct result of a data breach in which a threat actor broke into the company's servers and wiped most of the data found there.

As reported by TechCrunch, LetMeSpy published a notice on its website, notifying its users that by the end of the month, it will no longer provide its services to anyone:

“Dear All, we would like to kindly inform you that as of August 31, 2023, the website will cease operations, therefore we would like to provide you with some information,” the notice reads. “Due to the data security incident that took place on June 21, 2023, access to User Accounts was blocked, for security reasons. After that date, the LetMeSpy service was disabled, as well as the option to log into User Accounts and register new User Accounts on the site.”

Those who wish to access the data available within their user account are advised to contact the company individually by September 30 this year, using the email address provided on the company website. “After the expiration of retention period under the applicable law, the data stored in User Accounts will be deleted,” the notice concludes.

In late June 2023, LetMeSpy warned of a “security incident” in which an unauthorized third party accessed the data of “website users”. “As a result of the attack, the criminals gained access to e-mail addresses, telephone numbers and the content of messages collected on accounts,” the announcement read at the time.

The message hoard collected by the hacker seems to be quite extensive. After reviewing sample data, TechCrunch noted that at least 13,000 devices have had data taken, which includes “years of victims’ call logs and text messages”, dating back to 2013. More than 13,000 location data points, for thousands of victims, were stolen as well. This data suggests most victims live in the US, India, and Western Africa. Furthermore, the app’s master database was taken too, which holds data on some 26,000 customers who used the app for free, as well as the email addresses of those who paid for the subscription. The company website was also taken over by the attackers.

Analysis: Why does it matter?

The developers of spyware apps argue that the goal of their products is security, often claiming that it’s a good way for parents to keep tabs on what their kids do online. In reality, though, the apps are mostly used by spouses in poorly functioning families and in similar situations. As the apps are designed to remain invisible on the devices they’re installed on, many victims carry them without their knowledge or consent. As a result, the apps are deemed illegal in some parts of the world.

LetMeSpy was uploading all text messages, call logs, and location data to the servers without notifying the device owner. It would then share the data with the person who installed the app, on a different device. That makes the apps an ideal gateway for hackers looking to steal sensitive data, especially when they’re poorly executed and buggy. According to some researchers, most of these apps are hollow as Swiss cheese.

The threat of spyware apps, sometimes also called stalkerware, increased by more than three times in the past three years, cybersecurity researchers from Avast recently said. The company’s Threat Researchers department, part of the Coalition Against Stalkerware, revealed that, based on its telemetry, the possibility of encountering this form of mobile malware increased 329% since 2020. 

If your device has inexplicable performance drops, starts crashing or freezing for no apparent reason, heats up too much, or suddenly starts consuming too much battery, a stalkerware app could be hiding somewhere. Also, Avast says that if suddenly you have a new browser homepage, new icons on your desktop, or a different default search engine, it might be a good time to scan the phone for malware.

What have others said about the news?

In its writeup of the news, Global Village Space says the shutdown of LetMeSpy highlights the “growing concern” over the use of these apps to invade people’s privacy. “Such invasive surveillance can have severe consequences for victims, including emotional distress, stalking, and harassment,” the publication states.

It goes on to stress that governments around the world have pushed to combat these tools, mentioning Support King, a tech company that was banned by the Federal Trade Commission (FTC) from the surveillance industry in 2021, due to its mishandling of stolen data. “This regulatory action sends a strong message that the misuse of spyware will not be tolerated,” it added. The battle might have been won, but the war is ongoing, it concluded.

Reddit users cheered on the news, with one user saying “You reap what you sow”, and another adding “Whoever did it: good job.”


Via: TechCrunch

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.