A phone surveillance app known as Spyhide has been discovered stealthily collecting private phone data from the devices it is installed on.
These include tens of thousands of Android devices worldwide, raising serious privacy and security concerns.
Spyhide is classified as stalkerware or spouseware and is typically installed on a victim’s phone by someone with knowledge of their passcode.
This makes it challenging to detect and remove the app.
Once installed, Spyhide continuously uploads the phone’s contacts, messages, photos, call logs, recordings, and real-time location data without the victim’s knowledge.
The app’s dangerous capabilities highlight the risks posed by phone surveillance apps and the potential for misuse and data exposure.
Recently, a hacker named maia arson crimew exposed Spyhide’s development environment, accessing the source code of the web-based dashboard used by abusers to view stolen phone data.
This breach allowed for further insight into the secretive spyware operation and its suspected administrators.
An analysis of Spyhide’s database revealed records of approximately 60,000 compromised Android devices dating back to 2016.
Discovered data included call logs, text messages, and precise location history.
The surveillance network extended to every continent, with Europe and Brazil showing clusters of thousands of victims.
The United States had over 3,100 compromised devices, yet the country’s victims were among the most surveilled by volume of location data.
One U.S. device uploaded more than 100,000 location data points.
Additionally, the database contained information on 750,000 users who signed up to plant Spyhide on a victim’s device, indicating significant interest in using surveillance apps.
However, most of these users did not proceed to compromise a phone or pay for the spyware.
Still, some individuals controlled multiple compromised devices, highlighting the potential for widespread misuse.
The compromised data included 3.29 million text messages containing personal information, over 1.2 million call logs, 312,000 call recording files, 925,000 contact lists, and 382,000 photos and images.
There were also records of approximately 6,000 ambient recordings stealthily captured from victims’ phone microphones.
Despite the risks associated with spyware, Spyhide’s website does not disclose information about the operation’s administrators or origin.
The source code, however, pointed to two Iranian developers, Mostafa M. and Mohammad A., both linked to Spyhide’s domains.
Efforts to reach the developers for comment were unsuccessful.
Stalkerware apps like Spyhide are banned from Google’s app store, forcing users to download them directly from Spyhide’s website.
When the spyware app was installed on a virtual device to analyze its data flows, it was found to send data to a server hosted by German web hosting company Hetzner.
Hetzner, however, stated it does not allow the hosting of spyware.
Spyware apps can be disguised as normal-looking Android apps, making detection challenging.
Spyhide masquerades as a Google-themed app called “Google Settings” or a ringtone app called “T.Ringtone,” both requesting permission to access device data and secretly sending it to the app’s servers.
To protect against spyware, users should regularly check installed apps through the settings and enable Google Play Protect.
A general guide can help remove Android spyware, but caution is necessary as turning off spyware may alert the perpetrator.
The priority should be placed on safeguarding personal devices and sensitive information from unauthorized surveillance.
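
Because stalkerware such as Spyhide has to be sideloaded rather than installed from Google's app store, one way to support the installed-apps check described above is to list third-party packages that did not come from the Play Store. The following is an added example, not part of the original article; it parses the output of `adb shell pm list packages -3 -i`, and the sample output, package names and trusted-installer list are constructed assumptions.

```python
import re

# Installer package names treated as app-store sources. com.android.vending is the
# Play Store; extend this set for other vendor stores (assumption, adjust per device).
TRUSTED_INSTALLERS = {"com.android.vending"}

# Constructed sample of `adb shell pm list packages -3 -i` output
# (-3 = third-party apps only, -i = show installer). Package names are invented.
SAMPLE = """\
package:com.example.chat  installer=com.android.vending
package:com.example.settingshelper  installer=null
package:org.example.ringtones  installer=com.google.android.packageinstaller

package:com.example.music  installer=com.android.vending
"""

LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<inst>\S+)\s*$")


def parse_packages(text):
    """Return (package, installer) pairs; installer is None when reported as null."""
    entries = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # blank or unrecognised line, skip rather than guess
        installer = match.group("inst")
        entries.append((match.group("pkg"), None if installer == "null" else installer))
    return entries


def sideloaded(text, trusted=TRUSTED_INSTALLERS):
    """Third-party packages whose installer is not a trusted store, sorted by name."""
    return sorted(
        (pkg, inst) for pkg, inst in parse_packages(text) if inst not in trusted
    )


if __name__ == "__main__":
    for pkg, inst in sideloaded(SAMPLE):
        print(f"review: {pkg} (installer: {inst or 'none recorded'})")
```

A package listed here is only a candidate for review, since legitimately sideloaded apps appear too; the script lists packages and changes nothing on the device.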