2 min Security

Spyware vendor itself victim of cybercrime

Spyware vendor itself victim of cybercrime

LetMeSpy has been hacked, resulting in the leakage of user data. The so-called mobile “stalkerware” service claims to be mainly useful for legitimate purposes. However, its capabilities are well-suited to the aims of malicious users.

The developer of LetMeSpy says a hacker stole the application’s messages, call logs and intercepted locations. Last week, the login page stated that “a security incident” had occurred. This supposedly involved “unauthorized access to website users’ data.”

Marketing versus reality

LetMeSpy positions itself as an app that should be useful for parents and business leaders to monitor children and employees, respectively. LetMeSpy remains invisible on a phone’s home screen and is difficult to remove. In terms of nicknames, this type of software is best known as “stalkerware” or “spouseware,” as its functionality is equally well suited for unwanted tracking in an even less proper way. However, apps of this nature are often poorly secured and full of bugs.

Poland’s Niebezpiecznik blog came out with the news that the hack compromised about 13,000 Android devices. Daily Dot noted that mostly American students appear to have been affected.

Speaking to SiliconANGLE, Ray Kelly of Synopsys Software Integrity Group stated that this highlights the importance of security testing on mobile applications. “However, mobile apps — especially ones downloaded from Apple’s App Store or Google Play — are more difficult to test than traditional web applications for security vulnerabilities.”

Best practices

The most obvious solution to stopping data breach problems is not to use questionable apps like LetMeSpy. Kelly indicates that any app should also be tested for unencrypted credentials and login data. In addition, he says a network layer should exist during the testing phase. This should ensure that the application makes a secure connection. Finally, app developers should test back-end systems for susceptibility to SQL Injection attacks that might ship an entire database.

Spyware has been in the news in recent years in the form of the Pegasus software. This platform was (and is?) used for spying by many governments and currently does not have enough regulatory safeguards to keep the technology out. The EU will be grappling with the issue for some time.