An Interest In:
Web News this Week
- April 25, 2024
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
Some of Our Sources
- Mashable
- Web Designer Wall
- Just Creative
- Smashing Magazine
- FanExtra - PSD
- Noupe
- My Ink Blog
- Fudge Graphics
- Hashedout
- TechPowerUp
Help Webnuz
Referal links:
September 5, 2018 01:00 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ROazTRNi5Kg/mobile-spyware-maker-mspy-leaks-millions-of-sensitive-records
Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records
mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy spyware. Krebs On Security reports: Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy's site and for mobile phone data collected by mSpy's software. The database required no authentication. Before it was taken offline sometime in the past 12 hours, the database contained millions of records, including the username, password and private encryption key of each mSpy customer who logged in to the mSpy site or purchased an mSpy license over the past six months. The private key would allow anyone to track and view details of a mobile device running the software, Shah said. In addition, the database included the Apple iCloud username and authentication token of mobile devices running mSpy, and what appear to be references to iCloud backup files. Anyone who stumbled upon this database also would have been able to browse the Whatsapp and Facebook messages uploaded from mobile devices equipped with mSpy. Other records exposed included the transaction details of all mSpy licenses purchased over the last six months, including customer name, email address, mailing address and amount paid. Also in the data set were mSpy user logs -- including the browser and Internet address information of people visiting the mSpy Web site.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ROazTRNi5Kg/mobile-spyware-maker-mspy-leaks-millions-of-sensitive-records
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot