TheTruthSpy, a company that makes consumer-grade spyware, is putting at risk the security and privacy of thousands of people whose Android devices have its mobile spying apps installed without their knowledge, because the company's owners never fixed a simple security flaw.
Now, two separate hacking groups have found the flaw, which gives large-scale access to the data taken from victims' phones, straight from TheTruthSpy's servers.
In a blog post, hacker Maia Arson Crimew from Switzerland said that the flaw was found and used by the hacking groups SiegedSec and ByteMeCrew in December 2023. ByteMeCrew gave Crimew a copy of TheTruthSpy’s victim data. Crimew also talked about finding new security holes in TheTruthSpy’s software stack.
SiegedSec and ByteMeCrew said in a Telegram post that they are not going to make the breached data public because it is very private.
Crimew gave TechCrunch some of the data that was stolen from TheTruthSpy so that it could be checked and analyzed. This data included the unique IMEI numbers and advertising IDs of tens of thousands of Android phones that were recently compromised by TheTruthSpy.
The new data was confirmed to be real by comparing some of the IMEI numbers and advertising IDs to a list of devices that TechCrunch already knew had been hacked by TheTruthSpy. This list was found during an earlier investigation.
The most recent set of data includes the Android device IDs of every phone and tablet that TheTruthSpy stole data from, up to December 2023. The data shows that TheTruthSpy is still actively spying on large groups of people in Europe, India, Indonesia, the US, the UK, and other places.
TechCrunch has added several hundred thousand new unique Android device identifiers to our free spyware lookup tool. This lets you check whether TheTruthSpy got into your Android device.
A bug in TheTruthSpy let hackers see the data on users’ devices.
At one point, TheTruthSpy was one of the most popular apps for secretly spying on cell phones.
TheTruthSpy is one of a number of nearly identical Android spyware apps, including Copy9, iSpyoo, and others, that are put on someone's device without their knowledge. People use these apps, which are sometimes called "stalkerware" or "spouseware," to spy on people, usually partners, without their knowledge.
Apps like TheTruthSpy are designed to stay hidden from home screens, which makes them hard to find and remove, while they continuously upload the contents of a victim's phone to a monitor that the abuser can view.
But while TheTruthSpy bragged about how well it could spy on people, the spyware company paid little attention to the security of the data it was stealing.
TechCrunch looked into consumer-grade spyware apps in February 2022 and found that TheTruthSpy and its copies share a flaw that lets anyone see the victim's phone data that is kept on TheTruthSpy's servers. The bug is especially bad because it is very easy to exploit and lets hackers see all the information that an Android user's device sends and receives, like text messages, pictures, call recordings, and their exact location in real time.
But the people who ran TheTruthSpy never fixed the bug, so the people it was installed on could have their data compromised even further. Only some details about the bug, which is tracked as CVE-2022-0732, were later made public. TechCrunch is still not revealing more about the bug because it still puts users at risk.
Because the bug was so easy to exploit, it was only a matter of time before it was exploited publicly.
TheTruthSpy tied to a startup in Vietnam called 1Byte
This is the latest in a string of security problems involving TheTruthSpy and, by extension, the devices of the hundreds of thousands of people whose data has been stolen.
A source gave TechCrunch secret data in June 2022 that included records of every Android device that TheTruthSpy had ever hacked. Because victims couldn't be told without possibly alerting their attackers, TechCrunch made a spyware lookup tool so that anyone can check for themselves whether their devices were hacked.
To see whether a device has been hacked by TheTruthSpy or one of its copies, the lookup tool checks its IMEI number or advertising ID against a list. TechCrunch also has information on how to remove TheTruthSpy spyware, if it is safe to do so.
But TheTruthSpy's weak security measures and leaky servers also helped reveal the real names of the coders who ran the operation, who had worked hard to hide their identities.
TechCrunch later learned that TheTruthSpy is run by a company in Vietnam called 1Byte. Through our research, we learned that 1Byte made millions of dollars over the years from selling spyware by sending customer payments to Stripe and PayPal accounts that were set up under fake American names with fake Social Security numbers, passports, and other fake documents.
After looking into it, we found that the fake names were tied to bank accounts in Vietnam that were run by Van Thieu, the director of 1Byte, and other employees. People paid more than $2 million to TheTruthSpy at its peak.
TechCrunch recently asked PayPal and Stripe to stop the spyware maker’s accounts. So did the U.S. web hosting companies that 1Byte used to host the spyware operation’s infrastructure and store the huge amounts of stolen phone data from victims.
Since U.S. web hosts removed TheTruthSpy from their networks, the spyware is now being hosted on servers in Moldova by a company run by Alexandru Scutaru. This company says it will ignore U.S. requests to take down content that violates copyright laws.
Even though it has been slowed down and made less useful, TheTruthSpy is still helping to spy on thousands of people, including Americans.
TheTruthSpy will continue to risk the safety and privacy of its victims, both past and present, as long as it is online and running. Not only does the spyware get into people's digital lives, but TheTruthSpy also can't keep the information it steals from getting out on the internet.