A stalkerware maker with a history of multiple data leaks and breaches now has a critical security vulnerability that allows anyone to take over any user account and steal the sensitive personal data of that account's victim. Independent security researcher Swarang Wade found the flaw in the stalkerware app TheTruthSpy, a finding that highlights the lack of trustworthiness in consumer spyware companies. The vulnerability poses a significant risk to the unsuspecting victims of TheTruthSpy’s spyware.
TheTruthSpy, a long-standing spyware operation, has faced numerous security flaws over the years. Developed by 1Byte Software, the spyware network has been linked to various brands like Copy9 and iSpyoo. An investigation in 2021 revealed a security bug in TheTruthSpy that exposed private data of 400,000 victims, leading to further revelations of illicit money-laundering practices within the operation.
Despite past breaches and scandals, TheTruthSpy has rebranded as PhoneParental, maintaining its vulnerable infrastructure. Director Van Thieu continues to be involved in the development of phone-monitoring software, raising concerns about ongoing surveillance activities. The operation still relies on JFramework, developed by Thieu, to transmit data back to its servers, indicating a persistent risk to user privacy.
In an email, Thieu mentioned that he is rebuilding the apps from scratch, including a new phone-monitoring app called MyPhones.app. This app relies on the JFramework for its back-end operations, the same system used by TheTruthSpy. TechCrunch has a guide on how to identify and remove stalkerware from your phone.
TheTruthSpy, along with other stalkerware operators, poses a threat to victims whose phones are compromised by its apps. This is not only due to the sensitive data they steal but also because they have repeatedly shown their inability to keep their victims’ data secure.
If you or someone you know needs help, the National Domestic Violence Hotline (1-800-799-7233) offers 24/7 free, confidential support to victims of domestic abuse and violence. In case of an emergency, call 911. The Coalition Against Stalkerware provides resources for those who suspect their phone has been compromised by spyware.
