An American spyware manufacturer called Spytech has been the victim of a security breach, leading to confidential data it held on thousands of its victims being leaked online.
A report by TechCrunch, which viewed the stolen data and confirmed its authenticity, said an unidentified person “with knowledge of the breach” contacted the publication and shared an unencrypted cache of files taken from the company’s servers.
The files contained detailed logs of device activity from the endpoints the spyware was monitoring, including the location of each individual device.
Taken by surprise
TechCrunch ran the files through offline tools and concluded that more than 10,000 devices could have been compromised.
Most of the mobile-only victims were located in Europe and the United States, with significant pockets of victims in Africa, Asia, Australia and the Middle East. The good news is that there was not enough personally identifiable information to link the data to real people.
This also means that the publication was unable to notify the affected individuals, but it did reach out to the company's CEO, Nathan Polencheck, who was surprised by the news and said that “this was the first I had heard about the breach and I haven't seen the data that you guys have seen, so at this point all I can say is that I'm looking into everything and will take appropriate action.”
Spytech uses two spyware applications: Realtime-Spy and SpyAgent. Most of the infected endpoints are Windows devices, although Androids, Macs and Chromebooks are affected to a lesser extent.
Spyware, also called spousal software, refers to commercial applications advertised as a way to track children, employees, and partners. However, because these applications remain hidden on the device they are installed on, people often install them without the victim's knowledge or consent, which is illegal and unethical.