Commercial spyware maker mSpy has been breached – again – and millions of purchasers can be identified from the spilled records.… mSpy showed up on Have I Been Pwned on July 11, with the site revealing hacktivists were responsible for the theft of millions of Zendesk support tickets from buyers unable to use the software.
“Comprising 142GB of user data and support tickets along with 176GB of more than half a million attachments, the data contained 2.4M unique email addresses, IP addresses names and photos,” the mSpy entry on Have I Been Pwned reads. The site attachments included screen grabs of financial transactions, photos of credit cards and even some nude selfies.
Read more…
Source: MSN News
Related:
- iPhones running latest iOS hacked to deploy NSO Group spyware
July 19, 2021
Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple’s latest iOS release, hacked using zero-day zero-click iMessage exploits. “Amnesty International has observed evidence of compromise of the iPhone XR of an Indian journalist ...
- Windows 0-Days Used Against Dissidents in Israeli Broker’s Spyware
July 16, 2021
A set of unique spyware strains created by an Israeli firm and allegedly used by governments around the world to surveil dissidents has been defanged by Microsoft, the software giant said. The private company, called variously Candiru, Grindavik, Saito Tech and Taveta (and dubbed “Sourgum” by Microsoft), reportedly sells its wares exclusively to governments, according to ...
- How Myanmar’s military moved in on the telecoms sector to spy on citizens
May 19, 2021
In the months before the Myanmar military’s Feb. 1 coup, the country’s telecom and internet service providers were ordered to install intercept spyware that would allow the army to eavesdrop on the communications of citizens, sources with direct knowledge of the plan told Reuters. The technology gives the military the power to listen in on calls, ...
- Flubot Spyware Spreading Through Android Devices
April 26, 2021
Android mobile phone users across the U.K. are being targeted by text messages containing a particularly nasty piece of spyware called “Flubot,” according to the country’s National Cyber Security Centre. The malware is delivered to targets through SMS texts and prompts them to install a “missed package delivery” app. Instead, it takes victims to a scam ...
- APT32 state hackers target human rights defenders with spyware
February 23, 2021
Vietnam-backed hacking group APT32 has coordinated several spyware attacks targeting Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. The state hackers also pointed their attacks at a nonprofit (NPO) human rights organization from Vietnam, as Amnesty International’s Security Lab revealed (full report here). The spyware used by the APT32 hackers allowed them to read ...
- Masslogger Swipes Microsoft Outlook, Google Chrome Credentials
February 17, 2021
Cybercriminals are targeting Windows users with a new variant of the Masslogger trojan, which is spyware designed to swipe victims’ credentials from Microsoft Outlook, Google Chrome and various instant-messenger accounts. Researchers uncovered the campaign targeting users in Italy, Latvia and Turkey starting in mid-January. When the Masslogger variant launched its infection chain, it disguised its malicious ...