Security breach reveals Catwatchful spyware is snooping on thousands of phones - here's how to stay safe

1 day ago 20

Image Credit: Flickr (Image credit: Shutterstock)

Catwatchful data leak affects 62,000 victims, including 26,000 victims' phone data
The dodgy developer outed himself by reusing an email address
Google has committed to warning users about the app

Security researcher Eric Daigle has revealed information about a serious data breach affecting Catwatchful, an Android spyware app disguised as a child monitoring tool.

A full user database with plaintext passwords and email addresses affecting over 62,000 users has been leaked as a result, with phone data like messages, photos, location, mic and camera feeds also putting 26,000 victims at risk.

According to the report, the spyware app runs in stealth mode hidden from users, collecting and uploading information.

Catwatchful app is full of spyware

As is typical from stalkerware like this, Catwatchful is an app that operates outside of the Play Store, requiring physical installation via a process known as sideloading.

The app's admin, Uruguay-based developer Omar Soca Charcov, has been exposed because the email he used for Catwatchful had been reused on LinkedIn.

Daigle also noted that Charcov's admin account was the first record in the breached database, with password recovery linked to his personal email address.

The data was stored on Google Firebase, sent via a custom API that was unauthenticated, resulting in open access to user and victim data. The report also confirms that, although hosting had initially been suspended by HostGator, it had been restored via another temporary domain.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Most affected devices affect users in Mexico, Colombia, India, Peru, Argentina, Ecuador and Bolivia.

Daigle was able to exploit a SQL injection vulnerability to get access to the database, leading him to conclude that Firebase was not the source of the vulnerability, but rather the API.

Google has been notified, and although the app isn't distributed on the Play Store, the company has added Google Play Protect alerts for Catwatchful.

To stay protected from threats like this, it’s important to use the best antivirus software, reliable malware removal tools, and strong endpoint protection.

Even well-known apps and tools can have flaws, so running trusted security software and keeping all apps current helps reduce the risk of malware slipping through unnoticed.

New spyware found to be snooping on thousands of Android and iOS users
Why not install one of the best Android antivirus apps to stay safe
Check out the best business VPN tools to keep protected as well

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Read Entire Article