TheTruthSpy Login Credentials stolen by a hacker
TheTruthSpy has been hacked, reported by cybersecurity researchers from the International Institute of Cyber Security.
TheTruthSpy, one of the most popular stalkerware company. It is an iOS and Android app that enables one user to spy on another user’s phone. This spyware company advertises software for partners to track each other.
This software is not available on official web stores.
This software helps people to track the location of victim’s phone, view call logs (including deleted ones) and record calls, read SMS texts and browsing histories, and even locate the current location of the victim.
This spyware company has been hacked by a person having initials as L.M., he stated to Motherboard that he obtained access to the server of this company in February 2018. And he also stolen login IDs, passwords, audio files, photos, location information, text messages content, social media chats, and other data.
He shared some of the user’s login credential of this company in front of the media. The cybersecurity experts verified these samples and found to be authentic.
How the company’s server got hacked?
L.M. gained access to the TheTruthSpy Servers by reversing engineering the android app and identified a flaw within a server. Inside the media server, L.M. discovered the unique IDs of all customers with audio files having named as “cell phone ID_date_time.”
For so many months, he was able to control all victims over the world. He had admin access to the server of this spyware company and has access to more than 10,000 customer accounts. He also noticed that some of the customers are having the same passwords for the emails on Amazon and Paypal account. But he stated that he could steal money very easily but he didn’t do so.
Now the access to the servers of this spyware company was lost by L.M after the company updated their server. L.M. stated, in an online chat with Motherboard that:
“They take care about how to spy, and not take care about how they secure the attackers’ and victims’ privacy.”
Recently another spyware company, Spyfone revealed customer’s data like audio recordings, text messages, photos and web history.