A spyware search tool, made available by TechCrunch today, enables anybody to determine if their Android smartphone has been infected by a number of consumer-grade malware applications, including TheTruthSpy. The goal is to assist victims in determining if their device has been hacked and regaining control of it.
It comes after a lengthy investigation by TechCrunch into a group of spyware programmes that all leak the private phone information of thousands of Android users and share the same server architecture and security weakness.
These covert apps, which are frequently covertly installed by someone who has physical access to a person’s device and are created to remain hidden from home screens but enable that person to view the victim’s phone data in real time including their calls, messages, contacts, real-time location data, photos, and more, are often installed by that person without the victim’s knowledge.
Our research revealed that a gang of developers with a base in Vietnam created and maintained the spyware software. They went to great measures to conceal their participation in the scheme, including using fictitious names and stolen identities. However, due to the danger it presents to the hundreds of thousands of victims whose phones were unintentionally hijacked by the fleet of spyware applications, TechCrunch is unable to provide any more information regarding the security weakness in the absence of a cure.
Then, in June, a source gave TechCrunch access to a cache of documents that had been removed from TheTruthSpy’s internal network’s servers. The list of hacked Android devices from TheTruthSpy’s network up to April 2022 was included in that cache of files, which is likely when the data was leaked.
TechCrunch is unable to identify or contact the owners of hacked devices using the disclosed list since it is insufficiently detailed. TechCrunch created this spyware lookup tool with that in mind. Anyone may use the programme to determine if their Android smartphone has been infected by these applications and learn how to uninstall the spyware, if it is safe to do so.
The programme compares data against a list of leaked unique device identifiers, including as IMEI numbers and advertising IDs, which are often acquired by spyware applications and transmitted back to the developer from your device.
By comparing the IMEIs of burner and virtual devices we utilised throughout our research into the malware network, TechCrunch was able to confirm the accuracy of the leaked list.
You may learn more about our study that identified the malware network and utilise the programme for free here.
