Spyware Maker LetMeSpy Shuts Down After Hacker Deletes Server Data (techcrunch.com) 20
An anonymous reader quotes a report from TechCrunch: Poland-based spyware LetMeSpy is no longer operational and said it will shut down after a June data breach wiped out its servers, including its huge trove of data stolen from thousands of victims' phones. In a notice on its website in both English and Polish, LetMeSpy confirmed the "permanent shutdown" of the spyware service and that it would cease operations by the end of August. The notice said LetMeSpy is blocking users from logging in or signing up with new accounts. A separate notice on LetMeSpy's former login page, which no longer functions, confirmed earlier reports that the hacker who breached the spyware operation also deleted the data on its servers. "The breach consisted of unauthorized access to the LetMeSpy website's database, downloading and at the same time deleting data from the website by the author of the attack," the notice reads. LetMeSpy's app no longer functions, a network traffic analysis by TechCrunch shows, and the spyware maker's website no longer provides the spyware app for download.
LetMeSpy was an Android phone monitoring app that was purposefully designed to stay hidden on a victim's phone home screen, making the app difficult to detect and remove. When planted on a person's phone -- often by someone with knowledge of their phone passcode -- apps like LetMeSpy continually steal that person's messages, call logs and real-time location data. A copy of the database was obtained by nonprofit transparency collective DDoSecrets, which indexes leaked datasets in the public interest, and shared with TechCrunch for analysis. The data showed that LetMeSpy, until recently, had been used to steal data from more than 13,000 compromised Android devices worldwide, though LetMeSpy's website claimed prior to the breach that it controlled more than 236,000 devices. The database also contained information that shows the spyware was developed by a Krakow-based tech company called Radeal, whose chief executive Rafal Lidwin did not respond to a request for comment.
LetMeSpy was an Android phone monitoring app that was purposefully designed to stay hidden on a victim's phone home screen, making the app difficult to detect and remove. When planted on a person's phone -- often by someone with knowledge of their phone passcode -- apps like LetMeSpy continually steal that person's messages, call logs and real-time location data. A copy of the database was obtained by nonprofit transparency collective DDoSecrets, which indexes leaked datasets in the public interest, and shared with TechCrunch for analysis. The data showed that LetMeSpy, until recently, had been used to steal data from more than 13,000 compromised Android devices worldwide, though LetMeSpy's website claimed prior to the breach that it controlled more than 236,000 devices. The database also contained information that shows the spyware was developed by a Krakow-based tech company called Radeal, whose chief executive Rafal Lidwin did not respond to a request for comment.
Re: (Score:2)
Apparently the intruder copied the servers before deleting them, so perhaps it is terrible. (Not their shutting down, of course.)
Re: (Score:2)
Many families this hack will destroy. Grabbing the popcorn.
Re: (Score:3)
If someone in your family is reading your messages and monitoring your calls and location without your knowledge, then your family is already destroyed. Don't be too quick with the popcorn, Maybe you'll discover it was your own parents or S/O who were spying on you
Re: (Score:2)
You say that like they don't deserve to have their private data stolen. Remember these people bought spyware to put on other peoples phones.
Re: (Score:3)
Well, you can argue that those who purchased it and those who used it deserve public exposure, but why do you think that was all that was in the database? I find it quite likely that those spied upon were also in that database.
So, completely done? (Score:4, Funny)
Hacker Deletes Server Data
'Cause they don't have any backups?
Re:So, completely done? (Score:4, Interesting)
Apparently not. Or else they've decided that setting back up is only an invitation to more grief.
Or that they have enough information on the backups to just sell it and retire...
Your greyhats at work (Score:4, Insightful)
Now those fuckers know how it feels to have their systems completely violated!
Re: (Score:1)
Department of Irony & Redundancy Department.
karma's a bitch (Score:5, Funny)
Good riddance (Score:1)
Now why were these folks allowed to operate as if they were a legitimate business?
Re: (Score:3)
Re: (Score:2)
Recursive? (Score:2)
"The breach consisted of unauthorized access to the LetMeSpy website's database, downloading ... data from the website"
Maybe it wasn't a hack at all. Maybe one of their devs accidentally pointed their product at themselves.
One Down... (Score:2)
I would play a violin for you (Score:2)
But I can't play the violin, and if I did I don't think I could find one small enough.
Has it hit Techcrunch.com as well? (Score:2)
The techcrunch link no longer works (for me), has the unknown hacker deleted something there as well?
Conspiracy angle (Score:2)
...or they were worried about impending legal action and suddenly "We have no data! We were hacked!"
I should be sad? (Score:3)
Given that the LetMeSpy people got all that data by stealing it in the first place ... I somehow find little sympathy for them and their "loss." [ptui]
Karma's a real mother, isn't it?