Close Menu
TechTost
  • AI
  • Apps
  • Crypto
  • Fintech
  • Hardware
  • Media & Entertainment
  • Security
  • Startups
  • Transportation
  • Venture
  • Recommended Essentials
What's Hot

Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

Station F emerges as a launch pad for Europe’s hottest AI startups

If you use Google, you train its AI. See how you can opt out.

Facebook X (Twitter) Instagram
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer
Facebook X (Twitter) Instagram
TechTost
Subscribe Now
  • AI

    If you use Google, you train its AI. See how you can opt out.

    6 July 2026

    Amazon will stop accepting new customers for Mechanical Turk

    6 July 2026

    Yes, we use OpenClaw to this day

    5 July 2026

    Midjourney wants Hollywood studios to reveal the details of their use of artificial intelligence

    5 July 2026

    What is Mistral AI? Everything you need to know about the OpenAI competitor

    4 July 2026
  • Apps

    Apple is bringing back card payments for Apple Account purchases in India after a four-year hiatus

    6 July 2026

    WhatsApp now allows you to reserve usernames

    5 July 2026

    Podcasting platform Riverside is getting into the newsletter game

    4 July 2026

    Threads adds new features to Live Chats as it expands access

    4 July 2026

    Travel app Hopper to pay $35 million in FTC settlement over ‘unfair’ hidden fees

    3 July 2026
  • Crypto

    Venice AI goes unicorn with $65M Series A as first privacy AI platform takes off

    1 July 2026

    Crypto Exchange OKX wants AI agents to hire and pay each other

    30 June 2026

    Startup Battlefield 200 applications close today

    27 May 2026

    5 days left: Save up to $410 on Disrupt 2026 passes

    25 May 2026

    As crypto cools, a16z crypto raises $2.2 billion in capital

    6 May 2026
  • Fintech

    India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

    28 June 2026

    Early Bird pricing ends tonight for the Founder Summit

    26 June 2026

    4 days left to save up to $190 on Founder Summit 2026

    23 June 2026

    Robinhood’s note on 10% layoffs shows that blaming AI doesn’t cut it

    17 June 2026

    Anthropic’s latest spat with the Trump administration may actually help it, sales figures suggest

    17 June 2026
  • Hardware

    Smart glasses maker Even Realities hits $1 billion valuation with $150 million in funding led by Meituan, Tencent

    6 July 2026

    5 office gadgets that can make your work day better

    6 July 2026

    IQM, Europe’s first public quantum company, admits that the future of the technology is uncertain

    3 July 2026

    Thiel Capital’s Jack Selby commits stakes in hot startups like Etched through Arizona connections

    3 July 2026

    Ashton Kutcher is leaving Sound Ventures to start a new VC firm with Morgan Beller

    2 July 2026
  • Media & Entertainment

    New Google ad imagines a Declaration of Independence written with the help of artificial intelligence

    4 July 2026

    Cloudflare’s new policy pushes AI companies to pay for publishers’ content

    1 July 2026

    Watch out, Amazon: The Kobo eReader now has a Goodreads rival

    29 June 2026

    YouTube Shorts just got even shorter with an update that lets you double the playback speed

    25 June 2026

    Deezer says its new feature allows fans to remix songs with the artist’s consent

    24 June 2026
  • Security

    Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

    6 July 2026

    Politician who investigated abuses of wiretapping software on his phone with Pegasus spyware

    3 July 2026

    The US government says it’s been hacked — again

    2 July 2026

    In major privacy victory, Supreme Court rules that geo-trafficking warrants are protected by privacy rights

    29 June 2026

    The Klue hack results in a data breach at several cybersecurity companies

    26 June 2026
  • Startups

    Station F emerges as a launch pad for Europe’s hottest AI startups

    6 July 2026

    Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

    4 July 2026

    The browser wars aren’t about search anymore — here are the best alternatives to Chrome and Safari

    3 July 2026

    Last chance to apply — Startup Battlefield Australia applications close on 6 July

    3 July 2026

    Arcturus could halve grid electrical losses using nano-infused metals

    2 July 2026
  • Transportation

    Chevy built an all-American EV truck — why isn’t anyone buying it?

    3 July 2026

    Rivian raises EV sales forecast as second-quarter production ramps up

    3 July 2026

    Lucid Motors CFO steps down as new CEO continues leadership shakeup

    2 July 2026

    Tesla begins testing Cybercab without pedals or steering wheel in Austin

    2 July 2026

    Lime is starting life as a public company after years of uncertainty

    1 July 2026
  • Venture

    What are bending spoons? The little-known owner of AOL and Vimeo who is now public

    5 July 2026

    After $18B IPO, Bending Spoons Founder Says Success Comes From Minimizing Luck

    2 July 2026

    Bending Spoons defies SaaS slump, up 40% on first day of trading

    2 July 2026

    The DeepMind trio that created a poker AI is now making money for quantitative hedge funds

    1 July 2026

    Patronus AI lands $50 million to create ‘digital worlds’ that stress-test AI agents

    26 June 2026
  • Recommended Essentials
TechTost
You are at:Home»Security»A new safety defect in Thetruthspy Phone Spyware puts victims at risk
Security

A new safety defect in Thetruthspy Phone Spyware puts victims at risk

techtost.comBy techtost.com25 August 202505 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
A New Safety Defect In Thetruthspy Phone Spyware Puts Victims
Share
Facebook Twitter LinkedIn Pinterest Email

A stalkerware manufacturer with a history of multiple data leaks and violations now has a critical security vulnerability that allows anyone to take on any user account and steal the victim’s sensitive personal data, TechCrunch confirmed.

Independent Security Researcher Swarang Wade has found vulnerability, which allows anyone to restore the password of any user of the Stalkerware Thetruthspy application and the many SPYWARE applications of Android, leading to the hijacking of any account on the platform. Given the nature of the Thetruthspy, it is likely that many of its clients operate without the consent of their goals, who do not know that their phone data is withdrawn to someone else.

This basic defect shows, once again, that consumer spyware manufacturers such as thetruthspy – and its many competitors – cannot trust one’s data. These follow -up applications not only facilitate illegal espionage, often from abusive romantic partners, but also have endless security practices that expose the personal data of both victims and perpetrators.

To date, TechCrunch has calculated at least 26 spyware features that have leaked, exposed or otherwise poured in recent years. With our counting, this is at least the fourth security delay included by thetruthspy.

TechCrunch has verified vulnerability by providing the researcher with the username of many testing accounts. The researcher quickly changed the passwords to the accounts. Wade tried to get in touch with the theetruthspy owner to alert him to the defect, but received no answer.

When he came into contact with TechCrunch, Spyware’s director Van (Vardy) Thieu said, he said the source code was “lost” and could not correct the error.

Since the publication, vulnerability still exists and has a significant risk for thousands of people whose phones are believed to be unknowingly compromised by the Thetruthspy Spyware.

Given the danger to the general public, we do not describe the vulnerability in more detail so as not to help the malicious actors.

A brief story of the many Thetruthspy Security defects

Thetruthspy is a spyware production with roots that have returned to almost a decade. For some time, the Spyware network was one of the largest known telephone monitoring businesses on the internet.

Thetruthspy is developed by 1byte software, a spyware manufacturer based in Vietnam led by Thieu, his director. Thetruthspy is one of the fleets of Spyware Android applications with a different name, including Copy99And since the trademarks of ISPYOO, MXSPY and more. Spyware applications share the same back-end checks used by TheTruthspy customers to access the victim’s stolen phone data.

Therefore, safety errors in thetruthspy also affect the customers and victims of any spyware with a surname or platinum based on the TheTruthspy underlying code.

As part of a Stalkerware research in 2021, TechCrunch found that Theetruthspy had a security error that exposes the private data of its 400,000 victims to anyone online. Exposed data included the most personal details of victims, including private messages, photos, call records and their location historical data.

TechCrunch later received a cache from the TheTruthspy servers, exposing the internal operation of Spyware. The files also contained a list of each Android device that is at stake by the Thetruthspy or one of its accompanying applications. While the list of devices did not contain enough information to personally locate each victim, it allowed TechCrunch to create a spyware search tool for any possible victim to check if their phone was found in the list.

Our subsequent report, based on hundreds of 1Byte servers’ leaks that were sent to TechCrunch, revealed that thetruthspy was based on a huge money legalization operation that used forged documents and false identities with skirt restrictions. The plan has allowed TheTruthspy to channel millions of dollars of illegal customer payments into bank accounts worldwide controlled by exploitation.

At the end of 2023, Theetruthspy had another data breach, exposing private data to another 50,000 new victims. TechCrunch sent a copy of this data and we added the updated files to the search tool.

Thetruthspy, which still exposes data, is reconnected to Phoneparental

As is the case, some of the TheTruthspy businesses rushed and other places re -examined to escape reputation. Thetruthspy still exists today and has maintained much of the bugy source code and vulnerable back-end plates, while redefined as a new spyware application called Phoneparental.

Thieu is still involved in the development of phone monitoring software as well as in continuing surveillance facilitation.

According to a recent analysis of the current infrastructure facing Theetruthspy’s web-Facrugure using public files on the Internet, the function continues to be based on a software stack developed by Thieu called JFramework (which is previously known as the JEXPA frame) Spyware are based on sharing data back to its servers.

In an email, Thieu said he was rebuilding applications from scratch, including a new phone tracking app called myphones.app. A network analysis test performed by TechCrunch shows that myphones.App is based on JFRAMEWORK for back-end work, the same system used by thetruthspy.

TechCrunch has an explanator about how stalkerware is detected and removed from your phone.

Thetruthspy, like other stalkerware exploitation bodies, remains a threat to victims whose phones are at stake in its applications, not only because of the extremely sensitive data they steal, but because these functions are constantly proven that they cannot maintain their victim data safe.

–

If you or someone you know needs help, the national telephone line for approved violence (1-800-799-7233) provides free 24/7 confidential support to victims of home abuse and violence. If you are in an emergency mode, call 911. Coalition against Stalkerware It has resources if you think your phone has been violated by Spyware.

Android cyberspace data breach defect Exclusive phone puts Risk safety Spyware Spyware software stalkerware TheTruthSpy thetruthspy investigation victims vulnerability
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleYottar wants to help energy users find capacity in the electricity grid
Next Article Bounce starts a service to move bills between bluesky and mastodon
bhanuprakash.cg
techtost.com
  • Website

Related Posts

Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

6 July 2026

Politician who investigated abuses of wiretapping software on his phone with Pegasus spyware

3 July 2026

The US government says it’s been hacked — again

2 July 2026
Add A Comment

Leave A Reply Cancel Reply

Don't Miss

Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

6 July 2026

Station F emerges as a launch pad for Europe’s hottest AI startups

6 July 2026

If you use Google, you train its AI. See how you can opt out.

6 July 2026
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Fintech

India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

28 June 2026

Early Bird pricing ends tonight for the Founder Summit

26 June 2026

4 days left to save up to $190 on Founder Summit 2026

23 June 2026
Startups

Station F emerges as a launch pad for Europe’s hottest AI startups

Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

The browser wars aren’t about search anymore — here are the best alternatives to Chrome and Safari

© 2026 TechTost. All Rights Reserved
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer

Type above and press Enter to search. Press Esc to cancel.