Hacking of the spyware manufacturer revealed a large-scale espionage campaign

Spytech, a Minnesota-based spyware manufacturer, has been hacked, revealing that tens of thousands of devices around the world are under the company's covert remote surveillance.

Information about the hack came from a person who has access to the company's database. The source provided TechCrunch with a cache of files from servers containing detailed logs of the activity of devices, phones, tablets and computers that are tracked by Spytech, and some of the files date back to the beginning of June. TechCrunch confirmed the authenticity of the data by partially analyzing device activity logs associated with the company's chief executive officer, Nathan Polenchek, who installed spyware on one of his devices.

Spytech's spy programs, Realtime-Spy and SpyAgent, have been used to compromise more than 10,000 devices since 2013, including Android devices, Chromebooks, Macs, and Windows PCs around the world, according to the report. Polenchek first learned about the hack from a TechCrunch email and has not yet discovered the data leak, but has launched an investigation and promised to take appropriate action.

Spytech makes remote access applications (stalkerware), which are sold under the guise of parental control programs, but are also advertised as a tool for tracking the devices of spouses and partners. The company's website openly offers similar surveillance products.

Stalkerware is usually installed by a person with physical access and knowledge of the victim's device password. Stalkerware works covertly, so it is difficult to detect and remove such software. Once installed, the spyware collects information about keystrokes, screen taps, web search history, device activity, and, in the case of Android devices, location data.

The leaked data contains logs of all monitored devices, including unencrypted activity logs. Analysis of the victims' location data showed that most of the devices are located in Europe, the United States, Africa, Asia, Australia, and the Middle East. One of the records linked to Polenchek's administrator account contains the exact geolocation of his home in Minnesota.

Although the leak includes a lot of sensitive and personal information obtained from people's devices (some of them may not know about monitoring), the data does not contain enough identifying information for TechCrunch to notify victims of the leak.

When asked by TechCrunch if the company plans to notify its customers or the relevant authorities (as required by data breach laws), Polenchek did not respond. The agency tried to contact the Attorney General of Minnesota, but there was no response.

Spytech has been around since at least 1998. The company's activities went unnoticed until 2009, when an Ohio man was convicted of using Spytech spyware to infect the computer systems of a children's hospital in order to track the email of his ex-girlfriend working there. The spyware got into the hospital's systems as soon as the girl opened the infected attachment. In addition to the girl's personal email, the program collected confidential information about patients' health.

Spytech is the second U.S. spyware manufacturer to suffer a data breach in recent months. In May, a hacker hacked the site of the pcTattletale spy app, which turned out to be installed in the check-in systems of several Wyndham hotels in the United States. The attacker posted offensive content on the official page and leaked more than a dozen archives containing databases and the source code of the program to the public.

----

Recently, the specialists of the technical publication TechCrunch became aware of a very interesting incident in the world of IT. Spytech, a small company from Minnesota specializing in the production of spyware, was the victim of a hacker attack. The leak revealed thousands of devices around the world that are under covert surveillance.

TechCrunch experts received files from Spytech servers containing detailed logs of device activity, such as phones, tablets, and computers. The data includes records dated to the beginning of June of this year, and their authenticity was confirmed during an independent review.

According to leaked data, Spytech spyware such as Realtime-Spy and SpyAgent has been used to hack into more than 10,000 devices since 2013, including Android, Chromebook, Mac and Windows devices.

It is noteworthy that Spytech has already become the fifth manufacturer of spyware hacked this year.

Before that, the same fate befell:
TheTruthSpy
WebDetetive
pcTattletale
mSpy.

And if you extend the surveillance interval to 6-7 years, you will already have a couple of dozen hacked spy organizations.

Spytech CEO Nathan Polenchek said this is the first time he's heard about the leak and that he is currently investigating the incident. Spytech produces remote access programs, often referred to as "stalker software" or stalkerware.

Such software is often sold as a tool for parental control or surveillance of employees, which is technically legal. However, the same Spytech openly advertises its products on the official website as an ideal tool for spying on a partner.

Companies that produce Stalkerware are in a gray area in terms of their legitimacy. The main problem is that the programs themselves can be used for both legitimate and illegal purposes. And in case of detection of illegal use, all responsibility usually lies with the end users, and not with the manufacturers, which complicates the process of bringing the latter to justice.

Although the pressure from the public and human rights organizations on such companies is gradually increasing, and some countries have already begun to tighten laws and hold manufacturers accountable, unfortunately, it is still far from the adoption of unified international regulations in this area.

Stalker apps are usually installed by a person who has physical access to the target device and knows its password. These apps may remain hidden and difficult to detect. After installation, the spyware sends data about keystrokes, browser history, and other device activity to a dashboard controlled by the customer.

As for Spytech, the leaked company data contains logs of all devices under Spytech's control, including data on each device's activity. Most of the compromised devices are Windows PCs, as well as Android, Mac, and Chromebook devices.

Despite the presence of a large amount of personal data, the leaked files do not contain enough information to notify affected device owners about the hack. Spytech has not yet said whether it plans to notify its customers or U.S. government agencies, as required by data leak reporting laws.
 