Millions of People’s Personal Data Exposed by Phone-Monitoring Apps
Imagine having your personal data, including messages, photos, and call logs, exposed to anyone who wants to access it. Unfortunately, this is a reality for millions of people who have unwittingly installed phone-monitoring apps on their devices. In this post, we’ll dive into the latest security vulnerability that has left millions of people’s personal data at risk.
The Vulnerability
A security researcher discovered a bug in two phone-monitoring apps, Cocospy and Spyic, which allows anyone to access the personal data of millions of people who have these apps installed on their devices. The bug is relatively simple to exploit, and the researcher has collected 1.81 million email addresses of Cocospy customers and 880,167 email addresses of Spyic customers by exploiting the bug.
How the Apps Work
Cocospy and Spyic are designed to remain hidden on a victim’s device while covertly and continually uploading their device’s data to a dashboard visible by the person who planted the app. These apps are typically sold as parental control or employee-monitoring apps, but they are often referred to as stalkerware (or spouseware) as some of these products explicitly promote their apps online as a means of spying on a person’s spouse or romantic partner without their knowledge, which is illegal.
The Consequences
The consequences of this vulnerability are severe. The email addresses of the people who signed up to Cocospy and Spyic with the intention of planting the app on someone’s device to covertly monitor them are exposed. This means that anyone can access the personal data of millions of people who have these apps installed on their devices.
The Response
The operators of Cocospy and Spyic did not return TechCrunch’s request for comment, nor have they fixed the bug at the time of publishing. This lack of response is concerning, as it suggests that the operators of these apps are not taking the security of their users’ data seriously.
What You Can Do
If you have Cocospy or Spyic installed on your device, it’s essential to take immediate action to protect your personal data. Here are some steps you can take:
- Uninstall the app: Remove the app from your device to prevent any further data from being exposed.
- Change your passwords: Change your passwords for all accounts that may have been compromised.
- Monitor your accounts: Keep a close eye on your accounts for any suspicious activity.
- Consider a VPN: Use a VPN to encrypt your internet traffic and protect your data.
Conclusion
The exposure of millions of people’s personal data by phone-monitoring apps is a serious security vulnerability that highlights the importance of protecting our personal data. It’s essential to be aware of the apps we install on our devices and to take steps to protect our data. By taking these steps, we can reduce the risk of our personal data being exposed and protect our privacy.
Summary
- A security vulnerability in two phone-monitoring apps, Cocospy and Spyic, has exposed the personal data of millions of people.
- The bug allows anyone to access the personal data of people who have these apps installed on their devices.
- The operators of Cocospy and Spyic have not responded to requests for comment or fixed the bug.
- If you have Cocospy or Spyic installed on your device, it’s essential to take immediate action to protect your personal data.