Leaked Data from "TheTruthSpy" Stalkerware Network Reveals the Extent of the Data Collected
upstart writes:
A massive cache of leaked data reveals the inner workings of a stalkerware operation that is spying on hundreds of thousands of people around the world, including Americans.
The leaked data includes call logs, text messages, granular location data and other personal device data of unsuspecting victims whose Android phones and tablets were compromised by a fleet of near-identical stalkerware apps, including TheTruthSpy, Copy9, MxSpy and others.
These Android apps are planted by someone with physical access to a person's device and are designed to stay hidden on their home screens but will continuously and silently upload the phone's contents without the owner's knowledge.
Given that victims had no idea that their device data was stolen, TechCrunch extracted every unique device identifier from the leaked database and built a lookup tool to allow anyone to check if their device was compromised by any of the stalkerware apps up to April 2022, which is when the data was dumped.
TechCrunch has since analyzed the rest of the database. Using mapping software for geospatial analysis, we plotted hundreds of thousands of location data points from the database to understand its scale. Our analysis shows TheTruthSpy's network is enormous, with victims on every continent and in almost every country. But stalkerware like TheTruthSpy operates in a legal gray area that makes it difficult for authorities around the world to combat, despite the growing threat it poses to victims.
Read more of this story at SoylentNews.