LetMeSpy Reports Massive Data Theft in Recent Attack by Hackers
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
A popular Android phone tracking app, LetMeSpy in a statement disclosed a data breach incident that allowed an unauthorized third-party to steal sensitive information of thousands of users.
The security breach occurred in late June 2023, when an unknown hacker compromised the spyware’s network system and exfiltrated email addresses, phone numbers, call logs, messages, and location information of its website users.
On discovering the incident, the company immediately informed the concerned law enforcement and Polish data protection authority, UODO. As a containment measure, LetMeSpy has suspended all account-related activities (website and app). The threat actor as well as their motive behind the attack remains unknown.
In January 2023, the data on LetMeSpy’s website revealed that its app had been used to track 236,322 phones worldwide. It had collected more than 63.5 million text messages, 39.7 million call logs, and 43.2 million locations.
The data breach was first reported by a Polish security research blog Niebezpiecznik. In addition to analyzing the stolen data that included information on thousands of users, the researchers also reached out to LetMeSpy for confirmation, but the response came from the hackers instead. They claimed to have taken over the spymaker’s domain and reportedly deleted the databases stored on the server.
Moreover, TechCrunch’s analysis of the leaked information revealed that the stolen user records date back to 2013, when LetMeSpy was first launched. It also contained information on nearly 13,000 compromised devices and 13,400 locations of thousands of victims. The location points revealed that the majority of victims were from the US, India, and Western Africa.
i2VPN Data Breach Exposed User Data in Telegram Group
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
In a recent data breach incident, threat actors claimed to have successfully hacked into i2VPN’s computer system and exfiltrated sensitive admin and user information, reveals a new report from SafetyDetectives.
Developed by i2tek, I2VPN is a free, no registration VPN proxy server app available to download on both Google Play and App Store. Since its launch, the app has been downloaded more than 500,000 times on Play store while for the iOS devices, the current download numbers are unavailable. Thus, making it inconceivable to estimate the number of users exposed to the breach.
The incident which occurred last month came to light when the researchers discovered the stolen information posted on an Arabic-speaking hacker channel. ‘’The hackers shared [..] on an Arabic-speaking hacker channel together with the message “حالا هی برید vpn های ناامن رایگان نصب کنید,” which, based on a web-translation, reads as “Now go install a free, unsecure VPN service,” stated the report.
The publicly available data contained the admin’s email ID and password, along with screenshots of the VPN’s dashboard displaying information about data centres and users’ subscription details. User subscription data included user account name, IDs, email addresses, payment information, and expiry dates. Although user data was not directly exposed by the hackers, access to admin credentials do present a potential threat. When accessed by a threat actor, it exposes the unsuspecting user to different security threats including spying and phishing attacks.
The report further revealed that the breached data was posted in a Telegram group on May 29, 2023. Details about the hackers behind this attack remain unknown as no threat group has claimed the attack nor has i2tek released any statement.
