Posted on June 28, 2023 at 9:49 AM
Hackers hack the LetMeSpy spyware that targeted thousands
A hacker has stolen the call logs, messages, and location data held by the LetMeSpy phone spying software. LetMeSpy, which is used by many Android users globally, said that a hacking incident had led to malicious actors accessing data belonging to website users.
Hackers hack the LetMeSpy spyware
Through this breach, the threat actors obtained access to the phone numbers, email addresses, and messages belonging to user accounts. The LetMeSpy phone monitoring app has been promoted as a tool that enables employee monitoring and parental control.
The app has been designed to remain hidden on the phone’s home screen, making it hard to detect and remove. After the LetMeSpy monitoring app has been planted on a user’s device, it uploads the phone’s text messages, call logs, and location data to servers. This allows the individual who installed it to track the phone in real time.
Such surveillance apps have a reputation for having security vulnerabilities. Over the years, many spyware apps have been hacked, have leaked, or have exposed the private phone data stolen from unsuspecting victims.
The recent breach of the LetMeSpy monitoring app was reported by the Niebezpiecznik security research blog. The report noted that when the hacker behind the exploit was contacted for a response, they claimed to have accessed vast amounts of data belonging to the spyware.
The hacker behind this attack has yet to be identified. The hacker suggested that they had deleted the LetMeSpy databases that were stored on the server. A copy of the hacked database also appeared online shortly after the breach happened.
DDoSecrets secured a copy of the data obtained from LetMeSpy. The platform said that it limited the distribution of this data to researchers and journalists because of the sensitivity of the information. The leaked data includes years of victims’ call logs and text messages dating back to 2013.
A report by TechCrunch said that the reviewed database contained the records of at least 13,000 compromised devices. However, some of these devices shared limited data with LetMeSpy.
One of the largest spyware tools
LetMeSpy is one of the largest spyware tools globally. In January, LetMeSpy revealed that the spyware was used to track more than 236,000 devices while also collecting tens of millions of text messages, call logs, and location data.
The database collected by the hackers also contained more than 13,400 location data points belonging to several thousand victims. The majority of these data points were concentrated in population hotspots, and they showed that most of the victims were based in India, the United States and Western Africa.
The database of the spyware tool also included information belonging to around 26,000 customers that used the spyware tool without any charges. It also contained the email addresses belonging to the customers that paid for subscriptions.
The developers behind this spyware were not publicly known, because of the reputational and legal risks that come with such tools. Information from the leaked database, however, shows that the LetMeSpy tool has been created and maintained by a Polish developer known as Rafal Lidwin.
LetMeSpy published a breach notice saying that it had informed law enforcement and the Polish data protection agency UODO about this malware. It is unclear whether LetMeSpy will inform the victims whose phones were affected by the breach and spied on by the hackers.
In the past, it has been possible for victims to check whether their data has been compromised. The leaked LetMeSpy data does not contain any identifiable information that can be used to notify the victims directly. Moreover, notifying victims about spyware remains a tricky matter.
Android spyware apps are typically disguised to appear like important system apps, which makes such spyware challenging to detect and remove from the targeted device. The LetMeSpy tool, by comparison, is easy to detect and uninstall: the app is known as LMS, and it has a distinct icon.
Users who want to protect themselves from such malicious Android apps need to enable the Google Play Protect feature. A user can enable this safety feature from the settings menu on the Google Play platform.
LetMeSpy is not the only spyware tool that has been exploited in the past. Spyware tools have been vulnerable to hacks, breaches, and exposés over recent years. The other spyware tools that have been hacked in the past include KidsGuard, Support King, TheTruthSpy, and Xnspy.