LetMeSpy shuts down after hacker deletes Their server data

LetMeSpy, a spyware service based in Poland, has officially ceased operations and shut down following a data breach in June. The breach resulted in the destruction of its servers, which held a vast amount of data stolen from thousands of victims' phones.

In an announcement posted on its website in both English and Polish, LetMeSpy confirmed its "permanent shutdown" and revealed that all services would be discontinued by the end of August. Users are now prevented from logging in or creating new accounts.

A notice on LetMeSpy's former login page, which is no longer functional, corroborated earlier reports that the hacker responsible for the breach also deleted all data stored on the servers. The breach involved unauthorized access to the LetMeSpy website's database, during which the attacker downloaded and removed data from the site.

As a result of the breach, LetMeSpy's app is no longer operational, as confirmed by network traffic analysis conducted by TechCrunch. Additionally, the spyware maker's website no longer provides the spyware app for download.

LetMeSpy was an Android phone monitoring app specifically designed to remain hidden on a victim's phone home screen, making it challenging to detect and remove. Once installed on a person's phone, often by someone with knowledge of their passcode, apps like LetMeSpy continuously stole the individual's messages, call logs, and real-time location data.

Nonprofit transparency collective DDoSecrets obtained a copy of the database and shared it with TechCrunch for analysis. The data revealed that LetMeSpy had been used to steal information from over 13,000 compromised Android devices worldwide. Before the breach, LetMeSpy's website claimed control over more than 236,000 devices. The spyware's development was linked to a tech company called Radeal, located in Krakow, whose CEO, Rafal Lidwin, did not respond to requests for comment.

LetMeSpy is the latest spyware operation to shut down due to a security incident that not only exposed victims' data but also revealed the identities of its real-world operators. Spytrac, another spyware service with over a million user records, was discovered to be operated by Support King, a tech company that had been banned from the surveillance industry by federal regulators in 2021 for its failure to secure stolen data from its previous flagship spyware app, SpyFone.

Signal Introduces Usernames for Encrypted Messaging: A Secure Way to Connect

Signal, the encrypted messaging service, is launching a new feature in the coming weeks: support for usernames. This beta feature allows users to establish unique usernames, enabling connections without divulging phone numbers. source: Signal Blog To create a username, navigate to your settings and select "Profile." Once you've chosen a unique username, generate a QR code or link to share with others. Recipients can connect by entering your username into the chat bar. Usernames can be changed at any time, though previous usernames may be claimed by others. Signal began testing usernames last fall. Unlike social media platforms, Signal usernames do not serve as logins or public handles. They offer a discreet means of communication without revealing personal phone numbers. While a phone number is required to register for Signal, sharing it is optional. Usernames remain private and do not appear on profiles or in chats unless shared explicitly. As Randall Sarafa, Signal'

AT&T Resets Millions of Customer Passcodes After Data Leak: What You Need to Know

AT&T recently confirmed a significant data breach affecting over 7.6 million current customers and 65 million former customers. The leaked information, which dates back to 2019 or earlier, includes personal details like names, addresses, phone numbers, and social security numbers. Fortunately, financial information and call history were not compromised. In response to the breach, AT&T has reset passcodes for affected customers. Passcodes, usually four-digit numbers, serve as an additional layer of security when accessing accounts. However, security experts warn that the encrypted passcodes leaked alongside customer information could be easily deciphered, posing a risk of unauthorized account access. Affected customers are advised to set up free fraud alerts with major credit bureaus and remain vigilant for any suspicious activity related to their accounts. AT&T is proactively reaching out to impacted customers via email or letter to inform them about the breach and the meas

Safeguarding Internet Privacy: Supreme Court of Canada Upholds Protection of IP Addresses

In a recent ruling, the Supreme Court of Canada affirmed the significance of privacy rights concerning internet addresses. The court declared that police cannot simply obtain a suspect’s IP address without a court order, emphasizing the expectation of privacy that Canadian residents hold for such information. The court's decision stemmed from a case in 2017 involving Calgary police investigating fraudulent online activities at a liquor store. Initially, police demanded IP addresses from a credit card processor, which eventually led to obtaining subscriber information from Telus. This information was pivotal in making arrests and securing convictions in multiple offenses. Despite previous convictions, the accused contested the legality of obtaining IP addresses without proper authorization. The Supreme Court, in a 5-4 decision, asserted that IP addresses carry a reasonable expectation of privacy, necessitating judicial approval before access. The ruling emphasizes that obtaining jud

THEHACKCITY

Search This Blog