Stalkerware Developer Found Leaking Sensitive Data From Thousands Of The Software's Victims

from the it-all-starts-with-not-giving-a-fuck-about-anyone dept

Oh, if only this were more of a surprise. Another vendor selling sketchy spyware has been discovered to be careless with its handling of all the sensitive communications and data it pulls from victims' cell phones. (via Databreaches.net)

The company doing all the leaking is ClevGuard, which I guess is short for "clever." It apparently isn't. Its phone-snooping app, KidsGuard, is supposed to allow parents to monitor their children's cell phone usage. Obviously, there are other applications for it, like monitoring the activity of spouses, ex-spouses, girlfriends/boyfriends of the current and ex- variety, employees, dissidents, journalists… just about anyone someone else wants to spy on.

The name isn't deliberately misleading but the app disguises itself as a system update app, allowing it to hide in plain sight, untroubled by surveillance targets. The company even advertises the app's flexibility as going beyond monitoring kids to spying on other adults.

Zach Whittaker has the details on the leaky app for TechCrunch:

TechCrunch obtained a copy of the Android app from Till Kottmann, a developer who reverse-engineers apps to understand how they work.

Kottmann found that the app was exfiltrating the contents of victims’ phones to an Alibaba cloud storage bucket — which was named to suggest that the bucket only stored data collected from Android devices. It’s believed the bucket was inadvertently set to public, a common mistake made — often caused by human error — nor was it protected with a password.

Using a burner Android device with the microphone sealed and the cameras covered, TechCrunch installed the app and used a network traffic analysis tool to understand what data was going in and out of the device — and was able to confirm Kottmann’s findings.

The app -- in its full paid form -- is pervasive. In addition to hoovering up contacts, photos, SMS message content, and location data, it provides a wealth of information about conversations occurring in WhatsApp, Viber, and Facebook Messenger. It also compromises more secure services like Snapchat and Signal by taking snapshots of conversations and relaying them to the company's servers.

The company has since shut down access to the leaky Alibaba cloud storage bucket, but the damage may already have been done. And it's just more evidence that companies selling malicious stalkerware care very little about the security of their customers… and even less about the security of their software's victims.

Filed Under: data breach, kidsguard, parents, snooping
Companies: clevguard


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 25 Feb 2020 @ 7:30am

    Re: That's one way to say 'I do not trust my kids to act well'..

    If you're so paranoid about what your kids are using their phones for

    You might be scared that the kids will do similar things to what you did at that age, while ignoring that it did you little or no harm.


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.