September 29, 2022

SHSU Houstonian Online

Read all latest news headlines from USA, UK and around the world, get today's breaking news and live updates on politics, elections, business, sports, economy,​ …

TechCrunch releases tool that scans Android devices for Stalkerware – Computer – News

TechCrunch has published a tool that allows Android users to check if their device contains Stalkerware from TheTruthSpy. The data comes from TheTruthSpy servers and includes the imei numbers of hundreds of thousands of Android users.

Got TechCrunch In early June, cache files from TheTruthSpy servers containing lists of imei numbers and ad identifiers for Android devices that still contained Stalkerware apps from TheTruthSpy in April. TheTruthSpy is a company that started this year Via TechCrunch It made headlines for selling commercially available software that can spy on users of smartphones and desktop computers. The program also contained a vulnerability that allowed obtaining user information on servers without the need for authentication. The website’s editors then discovered that this company’s stalkerware apps have affected at least 400,000 Android users.

Stalkerware can record GPS location, photos, web history, emails and chats, and keystrokes, among other things. TheTruthSpy released the stalkerware application under its own name, as well as under other names such as Copy9, MxSpy, iSpyoo, SecondClone, TheSpyApp, ExactSpy, GuestSpy and FoneTracker. According to TechCrunch, all of these apps communicate with the same servers and the cache files for those servers are now in the hands of the website.

TechCrunch advises interested parties not to use the tool on a potentially infected device. The examination must be performed with another device. Users then need to enter the device’s IMEI number or advertising ID into the online tool. It then checks for the presence of numbers in TheTruthSpy servers cache files.

If the tool indicates that your Android device is infected, the Stalkerware app can be removed, according to TechCrunch, by enabling Google Play Protect and checking access settings for unknown services and then uninstalling them. TechCrunch also states that device supervisoron Android, and should be removed if necessary. Users should also check Android apps list for apps they don’t recognize.

See also  Microsoft launches Outlook Lite app for Android in limited countries - Tablets and Phones - News

Stalkerware TheTruthSpy apps are usually surreptitiously installed on victims’ devices, but the apps also contain Locking object references directly– Vulnerability, or IDOR weakness for short. This allows hackers to retrieve the personal information of affected individuals from servers without authentication. The vulnerability is rated as CVE-2022-0732.