A security vulnerability in a stealthy Android spyware operation called Catwatchful has exposed thousands of its customers, including its administrator.
The bug, which was discovered by security researcher Eric Daigle, spilled the spyware app’s full database of email addresses and plaintext passwords that Catwatchful customers use to access the data stolen from the phones of their victims. Catwatchful is spyware masquerading as a child monitoring app that claims to be “invisible and cannot be detected,” all the while uploading the victim’s phone’s private contents to a dashboard viewable by the person who planted the app. The stolen data includes the victims’ photos, messages, and real-time location data.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest news and insights delivered right to your inbox
Related:
- Yahoo Under SEC Investigation for Taking too Long to Reveal Data Breaches
January 23, 2017
Yahoo is in big trouble with US authorities due to how it handled the massive data breaches it disclosed last year, more specifically its failure to inform investors of the issues at an earlier time. The United States Securities and Exchange Commission (SEC) has launched an investigation, the Wall Street Journal reports, which is yet in ...
- Smaller firms set to ‘face £52bn in fines’ for security breaches as cyber-crime skyrockets
January 14, 2017
British firms were each subjected to an average of almost 230,000 cyber attacks in 2016, according to analysis from business internet service provider Beaming. The average volume of attacks hitting individual company firewalls passed the 1,000 per day mark for the first time in November. Meanwhile, the Payment Card Industry Security Standards Council suggested that UK firms ...
- Detroit Car Makers Allegedly Hacked, Names and Social Security Numbers Stolen
January 13, 2017
Detroit’s Big Three automakers are the latest big companies to become victims of hackers, with a new report now claiming that employees’ names and social security numbers might have been exposed during a breach. Details are very sketchy at the moment, and there is no confirmation from the involved companies, but according to the 7 Action ...
- 11 Gigabytes of Sensitive Data Belonging to US DoD Staff Exposed
January 5, 2017
Personal details of doctors who are deployed in the United States Special Operations Command (USSOCOM or SOCOM) have been exposed due to a security vulnerability discovered in a server operated by health services contractor Potomac Healthcare Solutions. MacKeeper Security Researcher Chris Vickery discovered in late December that Potomac, which provides healthcare workers to the government through ...