The unnamed hackers claim to have gained access to the systems of WebDetetive, a stalkerware developer, and removed information about monitored devices in order to protect the company’s victims from surveillance. Spyware allows unhindered access to a person’s device, both for the government to spy on citizens and for an attacker illegally collecting data. Now WebDetective will not be able to collect data from victims’ devices.
Wikipedia highlights the following key distinguishing features of stalkerware:
- availability of monitoring functions (keyloggers, screenshots, Internet activity monitoring, location tracking, video and sound recording);
- work in hidden mode (without notifying the user, the application is not in the list of installed programs, disguised as system processes);
- the requirement to disable antivirus protection built into the operating system or protection for the installation and/or operation of the application;
- Installation bypassing official app stores.
According to the hackers, WebDetective tracked more than 76,000 devices and their owners, collecting more than 1.5 GB of data. The virtual Robin Hoods erased all information they had access to. “Because #f**kstalkerware”the hackers wrote in a message received by TechCrunch.
Although TechCrunch has not independently confirmed the deletion of victims’ data from the WebDetetive server, the data cache shared by the hackers gave an indication of what they were able to achieve. According to information from the non-profit organization DDoSecrets, which registers publicly available data, the hackers actually managed to obtain the IP addresses and device characteristics of WebDetective victims.