Close Menu
TechTost
  • AI
  • Apps
  • Crypto
  • Fintech
  • Hardware
  • Media & Entertainment
  • Security
  • Startups
  • Transportation
  • Venture
  • Recommended Essentials
What's Hot

Former OpenAI executive Kevin Weil is now on Stoke Space’s board

OpenAI bets on families as ChatGPT goes deeper into households

A new app, HyperTexting, turns the open web into a social media scrolling-like stream

Facebook X (Twitter) Instagram
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer
Facebook X (Twitter) Instagram
TechTost
Subscribe Now
  • AI

    OpenAI bets on families as ChatGPT goes deeper into households

    11 July 2026

    Meta removes controversial AI feature on Instagram after backlash

    11 July 2026

    OpenAI launches its new family of models with GPT-5.6

    10 July 2026

    Fidji Simo resigns from the no. 2 role

    10 July 2026

    Nvidia is a victim of the PC market it created

    9 July 2026
  • Apps

    A new app, HyperTexting, turns the open web into a social media scrolling-like stream

    11 July 2026

    Apple is suing OpenAI for alleged trade secret theft

    11 July 2026

    EU threatens Meta with fines for addictive features on Facebook and Instagram

    10 July 2026

    Instagram users: Here’s how to stop Meta’s AI from using your photos

    10 July 2026

    Anthropic’s new Claude ability quietly sells you on the AI

    9 July 2026
  • Crypto

    Venice AI goes unicorn with $65M Series A as first privacy AI platform takes off

    1 July 2026

    Crypto Exchange OKX wants AI agents to hire and pay each other

    30 June 2026

    Startup Battlefield 200 applications close today

    27 May 2026

    5 days left: Save up to $410 on Disrupt 2026 passes

    25 May 2026

    As crypto cools, a16z crypto raises $2.2 billion in capital

    6 May 2026
  • Fintech

    Don’t want to invest in Elon Musk? Two new ETFs expressly exclude him

    10 July 2026

    India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

    28 June 2026

    Early Bird pricing ends tonight for the Founder Summit

    26 June 2026

    4 days left to save up to $190 on Founder Summit 2026

    23 June 2026

    Robinhood’s note on 10% layoffs shows that blaming AI doesn’t cut it

    17 June 2026
  • Hardware

    Dumb Co dared me to exchange my iPhone for a hacked phone

    11 July 2026

    SK Hynix raises $26.5 billion in largest foreign public IPO in US history, set to build new fabs in US

    11 July 2026

    After Apple, smartphone manufacturing boom in India enters new phase with Vivo JV

    10 July 2026

    Elon Musk praises Mythos/Fable, promises not to ‘cut’ Anthropic

    10 July 2026

    US investors will soon have access to SK Hynix, another memory maker driving the AI ​​boom

    7 July 2026
  • Media & Entertainment

    Netflix could be planning “always on” live TV channels.

    11 July 2026

    Netflix is ​​dealing with shorter video content with its new set of publisher deals with Variety and others

    8 July 2026

    Netflix invented binge watching. Now he may be over it.

    7 July 2026

    New Google ad imagines a Declaration of Independence written with the help of artificial intelligence

    4 July 2026

    Cloudflare’s new policy pushes AI companies to pay for publishers’ content

    1 July 2026
  • Security

    US cybersecurity agency CISA had to create the incident guide during the incident, the agency reveals

    11 July 2026

    Florida ransomware dealer convicted of helping ransomware gang extort US companies

    10 July 2026

    Hacktivists call out Trump by hacking and defacing US military websites

    8 July 2026

    Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

    6 July 2026

    Politician who investigated abuses of wiretapping software on his phone with Pegasus spyware

    3 July 2026
  • Startups

    Former OpenAI executive Kevin Weil is now on Stoke Space’s board

    11 July 2026

    Phia Accused of ‘Cookie Stuffing’, Taking Affiliate Credit for Unearned Purchases

    11 July 2026

    Oratomic raises $300M to build sustainable quantum computer that only needs 20,000 qubits

    10 July 2026

    These AI startups are growing revenue at an ever-faster pace

    10 July 2026

    Popular Open Source AI Developer Tool Ollama Raises $65M, Grows to Nearly 9M Users

    9 July 2026
  • Transportation

    Slate Auto partners with Crayola to paint its EV truck

    10 July 2026

    Autonomous drone delivery startup Manna plans major US expansion

    9 July 2026

    Federal authorities are demanding that autonomous vehicle companies stop interfering with first responders

    9 July 2026

    Another massive data breach exposed millions of driver’s license numbers

    8 July 2026

    This startup brings dealers together to bid on your used car

    7 July 2026
  • Venture

    Filed Under: College Fizz App Accuses VC Of Sharing Confidential Startup Info With Rival Sidechat

    11 July 2026

    Charles Hudson shares the common mistakes he’s seen after investing in 500+ startups

    10 July 2026

    Nandan Nilekani steps down as GP at Fundamentum as it launches third $200m fund

    9 July 2026

    What are bending spoons? The little-known owner of AOL and Vimeo who is now public

    5 July 2026

    After $18B IPO, Bending Spoons Founder Says Success Comes From Minimizing Luck

    2 July 2026
  • Recommended Essentials
TechTost
You are at:Home»Security»Hacked, Leaked, Exposed: Why You Should Never Use Stalkerware Apps
Security

Hacked, Leaked, Exposed: Why You Should Never Use Stalkerware Apps

techtost.comBy techtost.com1 June 202408 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
Hacked, Leaked, Exposed: Why You Should Never Use Stalkerware Apps
Share
Facebook Twitter LinkedIn Pinterest Email

Last week, an unknown hacker broke into the servers of US-based stalkerware maker pcTattletale. The hacker then stole and leaked the company’s internal data. They also hacked pcTattletale’s official website with the aim of embarrassing the company.

“This took a total of 15 minutes from reading the techcrunch article,” the hackers wrote in defacement, referring to a recent TechCrunch article where we reported that pcTattletale was used to monitor several check-in computers at the front desk at Wyndham hotels in the United States. States.

As a result of this hack, leak and shame operation, pcTattletale founder Bryan Fleming said he was shutting down his company.

Consumer spyware applications such as pcTattletale are commonly referred to as stalkerware because jealous husbands and partners use them to secretly monitor and surveil their loved ones. These companies often explicitly market their products as solutions to catch cheating partners, encouraging illegal and unethical behavior. And there have been many court casesjournalistic investigations, and investigations into domestic abuse shelters which show that online stalking and tracking can lead to real-world instances of harm and violence.

And that’s why hackers have repeatedly targeted some of these companies.

According to TechCrunch’s tally, with this latest hack, pcTattletale became the 20th stalkerware company since 2017 known to have hacked or leaked customer and victim data online. This is not a typo: Twenty stalkerware companies have either been breached or had significant data exposure in recent years. And three stalkerware companies were hacked multiple times.

Eva Galerpin, director of cybersecurity at the Electronic Frontier Foundation and a leading researcher and activist who has researched and fought stalkerware for years, said the stalkerware industry is a “soft target.” “The people running these companies are maybe not the most meticulous or really concerned about the quality of their product,” Galperin told TechCrunch.

Given the history of stalkerware compromises, that may be an understatement. And because of their lack of care to protect their own customers—and consequently the personal data of tens of thousands of wrongdoing victims—using these apps is doubly irresponsible. Stalkerware clients may be breaking the law, abusing their partners by illegally spying on them, and on top of that, putting everyone’s data at risk.

History of stalkerware hacks

The flurry of stalkerware breaches began in 2017 when a group of hackers hacked US-based Retina-X and FlexiSpy based in Thailand back to back. These two hacks revealed that the companies had a total of 130,000 customers worldwide.

At the time, the hackers who – proudly – claimed responsibility for the compromises said explicitly that their motivation was to expose and hope to help destroy an industry they see as toxic and unethical.

“I’m going to burn them to the ground and leave nowhere for any of them to hide,” one of the hackers involved told Motherboard at the time.

Referring to FlexiSpy, the hacker added: “I hope they go under and fail as a company and have some time to think about what they’ve done. However, I fear they may try to rebirth themselves in a new form. But if they do, I’ll be there.”

Despite the hack and years of negative public attention, FlexiSpy is still active today. The same cannot be said for Retina-X.

The hacker who broke into Retina-X wiped its servers with the aim of stopping it from working. The company came back – and then hacked again a year later. A few weeks after the second breach, Retina-X has announced that it is shutting down.

A few days after the second Retina-X breach, hackers hit Mobistealth and Spy Master Pro, stealing gigabytes of customer and business records, as well as intercepted victims’ messages and precise GPS locations. Another stalkerware vendor, the India-based SpyHuman;it suffered the same fate a few months later, with hackers stealing text messages and call metadata, which contained logs of who called whom and when.

Weeks later, there was the first case of accidental data exposure, rather than hacking. SpyFone left an Amazon-hosted S3 storage bucket unprotected online, which meant that anyone could view and download text messages, photos, recordings, contacts, location, passwords and login information, Facebook messages and more. All of this data was stolen from victims, most of whom were unaware that they were being spied on, let alone aware that their most sensitive personal data was also on the Internet for all to see.

Other stalkerware companies that have irresponsibly left customer and victim data online over the years include FamilyOrbit, which left 281 gigabytes of personal data online protected only by an easy-to-find password; mSpy, which leaked over 2 million customer records. Xnore, which allows any of its customers to view the personal data of other customers’ targets, which included chat messages, GPS coordinates, emails, photos and more. Mobiispy, which left 25,000 recordings and 95,000 images on a server accessible to anyone; KidsGuard, which had a faulty server that leaked victims’ content. pcTattletale, which before its hack as well exposed screenshots of victims’ devices uploaded in real time on a website that anyone could access; and Xnspy, whose developers left credentials and private keys in the apps’ code, allowing anyone to access victims’ data.

As for other stalkerware companies that were actually hacked, there was Copy9, which saw a hacker steals the data of all his tracking targets, including text and WhatsApp messages, call recordings, photos, contacts and eyebrow history. LetMeSpy, which was shut down after its servers were breached by hackers. Brazil-based WebDetetive, which also had its servers wiped, and then he hacked again; OwnSpy, which provides much of the support software for WebDetetive, was also hacked. Spyhide, which had a vulnerability in its code that allowed a hacker to access its back-end databases and years of stolen data from around 60,000 victims. and Oospy, which was a rebrand of Spyhide, was shut down for a second time.

Finally, there is TheTruthSpy, a network of stalkerware applications, which holds the dubious record of having been hacked or leaked data on at least three separate occasions.

Hacked, but unrepentant

Of those 20 stalkerware companies, eight have been shut down, according to TechCrunch’s tally.

In a first and so far unique case, the Federal Trade Commission banned SpyFone and its CEO, Scott Zuckerman, from operating in the surveillance industry after an earlier security breach exposed victims’ data. Another stalkerware business linked to Zuckerman, called SpyTrac, was subsequently shut down after a TechCrunch investigation.

PhoneSpector and Highster, two other companies not known to have been hacked, were also shut down after New York’s attorney general accused the companies of explicitly encouraging customers to use their software for illegal surveillance.

But a company closing doesn’t mean it’s gone forever. As with Spyhide and SpyFone, some of the same owners and developers behind a shutterbug stalkerware maker simply renamed themselves.

“I think these hacks do things. They really get things done, put a dent in it,” Galperin said. “But if you think that if you hack a stalkerware company, that they’re just going to shake their fists, curse your name, disappear in a puff of blue smoke and never be seen again, it sure hasn’t happened.”

“What happens most often, when you manage to kill a stalkerware company, is that the stalkerware company pops up like mushrooms after the rain,” Galperin added.

There is some good news. In a report last year, security firm Malwarebytes said that stalkerware use is declining, according to its own customer data infected with this type of software. Also, Galperin reports seeing an increase in negative reviews of these apps, with customers or prospects complaining that they don’t work as intended.

But Galperin said it’s possible that security companies aren’t as good at detecting stalkerware as they used to be, or that stalkers have moved from software-based tracking to physical surveillance enabled by AirTags and other Bluetooth-enabled trackers.

“Stalkerware does not exist in a vacuum. Stalkerware is part of a whole world of technology-enabled abuse,” Galperin said.

Say no to stalkerware

Using spyware to track your loved ones is not only unethical, it is also illegal in most jurisdictions as it is considered illegal surveillance.

This is already a major reason not to use stalkerware. Then there’s the issue that stalkerware makers have proven time and time again that they can’t keep data safe — neither data belonging to customers nor to their victims or targets.

In addition to spying on romantic partners and spouses, some people use stalkerware apps to monitor their children. While this type of use, at least in the United States, is legal, it doesn’t mean that using stalkerware to spy on your kids’ phone isn’t creepy and unethical.

Even if it’s legal, Galperin believes parents shouldn’t be spying on their kids without telling them and without their consent.

If parents inform their children and get the green light, parents should stay away from unsafe and untrustworthy stalkerware apps and use built-in parental monitoring tools Apple phones and tablets and Android devices which are safer and operate undetected.


If you or someone you know needs help, the National Family Violence Hotline (1-800-799-7233) provides free, confidential 24/7 support to victims of domestic abuse and violence. If you are in an emergency, call 911. The Coalition Against Stalkerware has resources if you think your phone has been compromised by spyware.

apps cyber security evergreen exposed hacked Hacking leaked privacy stalkerware surveillance
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleStartups Weekly: Musk raises $6B for AI and fintech dominoes fall
Next Article Bootstrading for over a decade, this Dallas company just raised $110 million to help people pay their bills via text
bhanuprakash.cg
techtost.com
  • Website

Related Posts

Dumb Co dared me to exchange my iPhone for a hacked phone

11 July 2026

US cybersecurity agency CISA had to create the incident guide during the incident, the agency reveals

11 July 2026

Florida ransomware dealer convicted of helping ransomware gang extort US companies

10 July 2026
Add A Comment

Leave A Reply Cancel Reply

Don't Miss

Former OpenAI executive Kevin Weil is now on Stoke Space’s board

11 July 2026

OpenAI bets on families as ChatGPT goes deeper into households

11 July 2026

A new app, HyperTexting, turns the open web into a social media scrolling-like stream

11 July 2026
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Fintech

Don’t want to invest in Elon Musk? Two new ETFs expressly exclude him

10 July 2026

India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

28 June 2026

Early Bird pricing ends tonight for the Founder Summit

26 June 2026
Startups

Former OpenAI executive Kevin Weil is now on Stoke Space’s board

Phia Accused of ‘Cookie Stuffing’, Taking Affiliate Credit for Unearned Purchases

Oratomic raises $300M to build sustainable quantum computer that only needs 20,000 qubits

© 2026 TechTost. All Rights Reserved
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer

Type above and press Enter to search. Press Esc to cancel.