Recent developments have brought to light the hacking of WebDetetive, a Portuguese-language spyware company that has been infecting Android phones in South America, primarily in Brazil. Interestingly, the company itself fell victim to hackers, who exploited multiple vulnerabilities to gain access to WebDetetive’s servers and user databases.
At the time of the breach, over 76000 devices had been compromised.
Notably, the unnamed hackers took the unprecedented step of not only downloading all the data but also severing the spyware’s network connection to victim devices. The group justified their actions saying, “Which we definitely did. Because we could. Because #fuckstalkerware.”
A data dump of 1.5 gigabytes, now in the hands of nonprofit DDoSecrets, revealed the extent of WebDetetive’s reach. At the time of the breach, 76,794 devices had been compromised, and the data included 74,336 unique customer email addresses.
Though it’s too early to determine the true identity of the hackers, or to confirm whether they’ve been successful in disconnecting the victim devices, their approach offers an intriguing counter-narrative. Normally cast as villains, these hackers instead appear as digital vigilantes, delivering poetic justice by using their skills to disable a network that invades people’s privacy.
However, the story takes a deeper twist. WebDetetive’s roots are linked to OwnSpy, another notorious spyware app developed in Spain. While the administrators of WebDetetive remain anonymous, the connection to OwnSpy suggests a broader ecosystem for these nefarious activities.
Spyware companies like WebDetetive and OwnSpy exist in a murky legal environment, their coding often as questionable as their ethics. With this incident, questions around the “security” of these security companies are re-ignited. How can entities, notorious for their invasive capabilities, protect their own networks when they are this easily compromised?
While the hackers’ actions raise legal and ethical questions, they also throw a spotlight on the fragility of spyware infrastructures. Ironically, the hackers’ breach could serve as a wake-up call to users and potentially even law enforcement. But for now, it provides a touch of poetic justice in a domain often void of accountability.
RELATED:
- OnePlus 8T and OnePlus 10T receiving August 2023 Security Patch update
- OnePlus Nord 2 receives August Android Security patch in India
- Best 10 8K TVs in 2023 – LG, Samsung, Hisense, & More
(Via)
