Updated on 2022-10-30: Leaked data shows TheTruthSpy tracked thousands of Americans
Table of Contents
Earlier this year, I obtained the core database of TheTruthSpy’s stalkerware operation, and built a lookup tool to let anyone check if their devices were compromised. Since then we spent weeks analyzing the rest of the database, and it’s huge. The leaked data shows at least 360,000 devices were compromised (up until April, when the database was leaked). But in just six weeks of the most recent data, the database included thousands of GPS location data points, millions of call logs and text messages, and more. Stalkerware is an international problem but more, including from antivirus companies, has to be done to combat it.
Updated on August 2022: TechCrunch launches tool to check for TheTruthSpy stalkerware
On Wednesday at my day job (disclosure alert!), I launched a free lookup tool that lets anyone check if their Android device was compromised by a fleet of stalkerware apps, including TheTruthSpy, which all share the same infrastructure and the same security bug that’s spilling the phone data of hundreds of thousands of victims. After receiving a leaked list of every device that was compromised earlier this year, we built the tool so anyone can check for themselves (since the data wasn’t enough to identify or notify victims), and how to remove the spyware if it’s safe to do so. The list contains about six years of compromised devices up to April 2022, presumably when the data was dumped from TheTruthSpy’s internal network.
Read more in
- TheTruthSpy exposed: This spyware lookup tool says if your Android device was compromised
- Your Android phone could have stalkerware, here’s how to remove it
- TechCrunch launches TheTruthSpy spyware lookup tool
Overview: Android stalkerware exposing images of children
TheTruthSpy, a notorious Android stalkerware app that encourages users to spy on their spouses, is exposing data collected from victims’ phones that includes photos of children and babies, and granular location data. Anyone who knows the link to the exposed data can find it, per @josephfcox. TheTruthSpy is one of several near-identical stalkerware apps with the same security flaw.
Read more in
- Android Stalkerware ‘TheTruthSpy’ Exposing Images of Children Online
- Behind the stalkerware network spilling the private phone data of hundreds of thousands
Alex Lim
Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
