A serious security flaw has been found in two phone-monitoring apps, Cocospy and Spyic. Millions of users may have their private data at risk without realizing it.
This bug lets anyone access sensitive information such as messages, photos, and call logs from devices infected by these apps. Additionally, it reveals email addresses of those who installed Cocospy or Spyic to spy on others.
These apps work in a sneaky way. They stay hidden on the target’s device and continuously gather data, sending it to a dashboard for the installer to view. Most users won’t even know that their device is compromised.
As of now, the companies behind Cocospy and Spyic haven’t addressed this vulnerability or responded to inquiries from TechCrunch.
The vulnerability is quite easy to exploit, but TechCrunch has chosen not to detail it to avoid aiding any malicious activity that could put users’ data at further risk.
The researcher who discovered the flaw managed to gather 1.81 million email addresses from Cocospy and 880,167 from Spyic. These addresses were then provided to Troy Hunt, who runs the website Have I Been Pwned.
Hunt confirmed that he has added a total of 2.65 million unique email addresses to the site after removing any duplicates. This data is marked as “sensitive,” meaning that only individuals with the affected email addresses can check if their information is at risk.
Cocospy and Spyic are among several surveillance apps that have faced security issues in recent years. To date, these apps are part of a long list of similar products that have leaked sensitive user data.
While these monitoring apps are often marketed as parental control software, they can also serve as stalkerware, designed for secretly spying on partners, which is illegal. Many consumers misuse such apps, despite them being intended for legitimate purposes.
Stalkerware apps are typically not found in official app stores and must be directly downloaded from their providers. This means users often need physical access to the targeted device to install the apps.
Background of Cocospy and Spyic
Little is known about who runs Cocospy and Spyic, as stalkerware developers prefer to stay out of the spotlight due to the risks involved in their operations.
Cocospy and Spyic were launched in 2018 and 2019, respectively. Given the number of registered users, Cocospy is among the largest stalkerware services available.
Research by cybersecurity experts has suggested links between Cocospy and Spyic and a China-based developer. However, the website for this developer is currently inaccessible.
TechCrunch tested the Cocospy and Spyic apps in a controlled environment. Both apps disguised themselves as a “System Service” app on Android devices to avoid detection.
Analyzing the data flow revealed that the apps transmitted user data through Cloudflare, obscuring the actual location of the operations. It appears the apps were uploading sensitive data, like photos, to an Amazon Web Services cloud storage server.
Neither Amazon nor Cloudflare responded to requests for comments about these apps.
Interestingly, some server responses were in Chinese, indicating a potential connection to Chinese developers.
Checking for Stalkerware
The email addresses collected from Cocospy and Spyic enable anyone who installed the apps to see if their details were compromised. However, this data lacks enough identifying information to directly inform those affected.
If you suspect your phone might be infected, there are steps you can take. Both Cocospy and Spyic rely on users weakening the security settings on their Android devices or accessing an Apple account with their credentials.
Despite their attempts to appear harmless, both apps can be detected. For example, on an Android device, entering the code ✱✱001✱✱ on the keypad and pressing “call” can reveal the apps if they’re installed.
You can also check your installed apps through the Android settings menu, even if the apps are hidden.
For additional support, TechCrunch offers a comprehensive guide on removing spyware from Android devices. It’s also wise to have a safety plan in place, as disabling spyware might alert the person who installed it.
If you’re using an Android phone, consider activating Google Play Protect. It’s a useful feature that enhances security against harmful apps like stalkerware. You can find this option in the Google Play settings.
For iPhone users, ensure your Apple account has a strong and unique password, ideally managed through a password manager. Enable two-factor authentication as an added layer of security. Also, check your account for any unfamiliar devices and remove them if needed.
If you or someone you know needs support, the National Domestic Violence Hotline (1-800-799-7233) offers 24/7 free and confidential help. In emergencies, always call 911. The Coalition Against Stalkerware has additional resources for those who believe their phone is compromised.
You can reach Zack Whittaker through Signal and WhatsApp at +1 646-755-8849. Document sharing is securely possible with TechCrunch via SecureDrop.
Source link
Android,cybersecurity,iPad,stalkerware
Related Posts
Escalating Trade Tensions: What the Ongoing Disputes with China Mean for the Global Economy
Know the auspicious time, Rahukaal and Panchang of Paush Putrada Ekadashi today 10 January 2025
Aptar Achieves Elite CDP Climate A-Rating, Placing in the Top 2% of Global Companies Committed to Sustainability
Andrew Cuomo Eyes Political Comeback: Could He Become NYC’s Next Mayor?
Prince Harry’s Tense Message to Charity Chair After Meghan Markle’s Awkward Moment: Inside the Controversy
Urgent Appeal: Utah Food Bank Director Discusses Escalating Hunger Crisis as Donations Decline
Dolly Parton Unveils Exciting New Frozen Food Line: Fans Can’t Get Enough!
Join the FoodNiche Health Forum: Empowering Healthier Communities Through Food Innovation and Education!
