Hackers Exploit WebDetetive Servers

Unidentified hackers detected and exploited vulnerabilities in WebDetetive’s servers, according to the report.

The hackers accessed user databases and downloaded records, including customer communications, by hacking the spyware company’s web dashboard.

According to the report, the white-hat hackers could also sever connections between victims’ devices and WebDetetive’s servers thanks to the dashboard breach.

According to the hackers, this prevented devices from transmitting new data to WebDetetive.

WebDetetive is “stalkerware,” a subset of spyware typically installed on victims’ phones without their consent.

Typically initiated by a partner or spouse who suspects infidelity, but there may be more sinister causes.

Government espionage agencies are also highly fond of spyware for surveillance purposes. By compromising WebDetetive’s infrastructure, the hackers may have prevented the theft of thousands of pieces of data.

The hackers furnished TechCrunch with a 1.5GB cache of WebDetetive dashboard data they had stolen.

The publication validated the authenticity of specific cached device identifiers by comparing them to endpoints on WebDetetive’s servers.

However, the news outlet could not independently corroborate that the hackers deleted user data, as claimed. In a note seen by TechCrunch, however, the hackers wrote:

 “Which we definitely did. Because we could. Because #fuckstalkerware.”

According to the report, the cache contained details about WebDetetive customers and compromised devices. It did not, however, contain any content stolen from victims’ phones.

Stalkerware is frequently used by partners who suspect infidelity as well as by government surveillance agencies.

TechCrunch reports that the data revealed that WebDetetive compromised 76,794 devices and contained information on over 74,000 distinct consumer emails.

The report indicates that the stalkerware does not validate customer email addresses.

Additionally, WebDetetive appears to be associated with another spyware program dubbed OwnSpy, which was created in Spain.

TechCrunch’s analysis revealed that WebDetetive’s Android app mainly recycles code from OwnSpy.

Reportedly, portions of OwnSpy’s infrastructure fell offline shortly after TechCrunch reached out to its developer.

However, even ethical hacking can have unintended consequences. Unintentionally alerting the perpetrators who installed the spyware by abruptly severing connections could occur. This could place victims in even greater danger.