A Portuguese-language spyware named WebDetetive has targeted over 76,000 Android phones across South America, with a significant concentration in Brazil, according to reports. The spyware has become the latest victim of a hacking incident, marking a disturbing trend in the security of phone spyware companies.
Unnamed hackers accessed a cache of data that shed light on how they exploited vulnerabilities in WebDetetive’s servers, resulting in unauthorized access to user databases. These cybercriminals managed to extract records from the spyware maker’s web dashboard, containing customer email addresses and dashboard details. The hackers even claimed to have deleted victim devices from the spyware network, effectively severing their connection to prevent further data uploads.
The breached cache, shared by nonprofit transparency collective DDoSecrets, revealed that 76,794 devices had been compromised by WebDetetive at the time of the breach. The leaked data also exposed 74,336 unique customer email addresses. However, the spyware company does not verify email addresses during registration, making a comprehensive analysis of its clientele challenging.
It remains unclear who orchestrated the WebDetetive breach, as the hackers did not provide any contact information.
WebDetetive operates as a covert phone monitoring app, often surreptitiously installed on phones without consent. Once installed, it discreetly uploads various phone contents, including messages, call logs, photos, and real-time location data, to remote servers. Despite the extensive access these “stalkerware” apps have to sensitive data, they are notorious for vulnerabilities due to poor coding.
The breached data suggested a connection between WebDetetive and OwnSpy, another widely used spyware app. WebDetetive’s Android app was found to be a rebranded version of OwnSpy’s spyware, raising questions about potential links between the two.
The recent breach of WebDetetive underscores growing concerns about the security of spyware companies and the potential risks posed to victims. Destructive hacks not only compromise personal data but can also put spyware victims in perilous situations. The Coalition Against Stalkerware offers resources to support individuals who suspect their phones are compromised. As investigations continue, questions remain about whether WebDetetive will notify affected customers and victims of the breach.