New post Need visibility? Apply for a FREE post for your Startup.  Apply Here

ArticleBig StoryNews

LetMeSpy Hack Exposes Users’ Messages, Call Logs, and Locations

2 Mins read

A recent security breach has revealed that LetMeSpy, a widely used phone monitoring app, has fallen victim to a hacker who gained unauthorized access to sensitive user data. The breach has resulted in the theft of intercepted messages, call logs, and locations, putting the privacy and security of thousands of Android phone users at risk. Also known as stalkerware or spouseware, these kinds of phone monitoring apps are often planted by someone — such as spouses or domestic partners — with physical access to a person’s phone, without their consent or knowledge.

The Breach and Its Impact

The LetMeSpy app, known for its stealthy operation and hidden presence on a phone’s home screen, allows individuals with physical access to a target device to silently monitor its text messages, call logs, and real-time location data. Unfortunately, this deep level of access often comes with security flaws, as demonstrated by the recent breach. The hacker gained access to LetMeSpy’s databases, compromising email addresses, telephone numbers, and the content of intercepted messages.

Revelations from the Hacked Data

The breach was first reported by the Polish security research blog Niebezpiecznik, which contacted the spyware maker for comment. Surprisingly, the hacker responded instead, claiming to have full control of the spyware maker’s domain. The stolen LetMeSpy database, subsequently obtained by nonprofit transparency collective DDoSecrets and shared with TechCrunch, revealed years’ worth of victims’ call logs and text messages dating back to 2013.

Extent of Compromised Devices and Personal Data

The reviewed data contained records on at least 13,000 compromised devices, although some shared limited information with LetMeSpy. Notably, LetMeSpy’s website previously claimed to track over 236,000 devices and collect millions of call logs, text messages, and location data points. The leaked data also exposed the spyware’s master database, revealing details about 26,000 free users and the email addresses of paying subscribers. Moreover, the location data points indicated that the majority of victims were located in the United States, India, and Western Africa.

a screenshot of a world map showing the victims' location data points in clusters around the U.S., India and parts of Africa.

a screenshot of a world map showing the victims’ location data points in clusters around the U.S., India and parts of Africa.
© Provided by TechCrunch

Challenges in Notifying Victims

While it remains unclear whether LetMeSpy will notify the affected users, the leaked database lacks identifiable information that would enable direct victim notification. The delicate nature of spyware usage also poses challenges, as alerting victims could potentially jeopardize their safety if the spyware’s operator becomes aware of the breach.

The Developer’s Identity and LetMeSpy’s Response

Interestingly, the leaked data revealed the identity of the LetMeSpy app’s developer, Rafal Lidwin, based in Krakow, Poland. However, Lidwin has not responded to requests for comment. LetMeSpy claimed to have informed law enforcement and the Polish data protection authority about the breach, although the response from authorities remains unknown.

Ensuring Protection and Removal of Spyware

In light of this breach and similar incidents involving spyware, it is crucial for users to remain vigilant. Android users can take precautions by regularly checking for suspicious apps, including LetMeSpy, and uninstalling them. Google Play Protect, a built-in safeguard, should also be enabled to defend against malicious Android apps.

Conclusion

The LetMeSpy hack serves as a stark reminder of the privacy risks associated with phone monitoring apps. The breach exposed the personal data of thousands of users and highlighted the need for stronger security measures within the industry. As technology advances, it is imperative that individuals remain cautious and proactive in safeguarding their devices against potential intrusions.

Don’t miss any tech news ever!

We don’t spam! Read our privacy policy for more info.

375 posts

About author
There's this unexplainable joy I get whenever I write, knowing fully well that my copy will transform people's life and destiny. This rare feeling elates me and encourages me to write more value-packed pieces. I think a divine being has possessed me to write, that is why I write, Therefore, I will advise every of my piece should be regarded as a divine message.
Articles
Related posts
ArticleRandom

MTN Plans To Launch Bank

2 Mins read
MTN, one of Africa’s largest telecommunications companies, has announced its plans to launch a bank in a bid to expand its financial…
ArticleForeign startupsRandom

Lumen Orbit Secures $11M In Seed Funding

1 Mins read
Lumen Orbit, a leading AI startup company has secured $11 million in seed funding to develop its groundbreaking orbital data centers. The…
ArticleForeign startupsRandom

Dimension Raises $500M In Series Funding

2 Mins read
Dimension Biotech is a venture capital firm that focuses only on investing in biotechnology and technology startups. The firm’s investment strategy is…
Newsletter Subscription

🤞 Don’t miss any update!

We don’t spam! Read more in our privacy policy

Join our Telegram channel here - t.me/TechpadiAfrica

Leave a Reply

×
Big StoryNewsRandom

How to Silence Spam Calls from Unknown Contacts on WhatsApp