All those mSPY users who have been keeping a track of the mobile activity of your children and partners, you better be aware of this latest cyber threat.
A cyber alert issued by KerbsOnSecurity says that hackers have gained access to over 2 million records which includes info related to software purchases and iCloud usernames and authentication tokens of devices running on mSpy.
Note 1- mSpy is a mobile app which helps keep a track of text messages, call logs, emails, location tracking, and calendar info and can even help record conversations. Generally, this app is installed on mobile phones, in order to spy on the device user.
It’s said that the leak includes sensitive details such as mSpy license buyer info, email addresses, mailing addresses and the amount paid to get hold of the access.
Some news reports suggest that researchers from KerbsOnSecurity succeeded in pulling out info from an unsecured database of mSpy and tried to incarnate an image in the media that hackers accessed the database.
Cybersecurity Insiders has learned that a security researcher named Nitish Shah was the first one to find the bug on the database and issued an immediate alert to mSpy. Later when the reaction from the mobile app managing authorities was zero, he disclosed the same to security journalist Brian Krebs on Tuesday last week. After which the matter was disclosed to the media early this week.
Note 2 – Previously, in the year 2015, due to a similar cyber mishap, the database of mSpy was also leaked onto the dark web. Initially, the app founders denied the leak but later acknowledged it when BBC affirmed strongly that the breach has occurred.