Hacked, leaked, exposed: Why you should never use stalkerware apps

There is a fully shaded industry for people who want to monitor and spy their families. Multiple application makers their programs – sometimes referred to as Stalkerware – to jealous partners who can use these applications to access their victims’ phones remotely.

However, despite the sensitivity of these data, an increasing number of these companies loses huge amounts of them.

According to TECHRUNCH’s Tall, and the latest data breach of SPYX, there have been at least 25 companies chased since 2017 that are known to have been hacked, or customer leaks and victims on the Internet. This is not a typographical error: at least 25 companies have been hacked or a large data exposure in recent years. Four companies were hacked several times.

SPYX is the latest supplyor for this year that it was breached, although the breach itself dates back to mid -2014. The penetration reveals that the Spyx family of applications has been at risk of private phone data for nearly two million victims at the time of its breach.

Spyx Breach comes after exposure of Spyzie and Cocospy data, stolen monitoring that left messages, photos, call records, personal data and other sensitiveness of millions of open -upon online victims, according to a security researcher who found a pain that allowed them to access these data.

Before this year, there were at least four huge breakthroughs of centers tools in 2024. The last breach of the stretching tools in 2024 affected the Spytech, a maker of the most unknown spyware based in Minnesota, which is exposed activity records of phones, tablets and computers monitored using spyware. Before that, there was a breach in MSPY, one of the tallest chaser applications, which have been exposed to millions of customer support tickets, which included the personal data of millions of customers.

Previously, one of the unknown infiltrators stormed the servers of the PCTATTLETELE. Then the infiltrators stole and leak the internal data of the company. They also distorted the official PCTATTLETALE website with the aim of embarrassing the company. The infiltrator referred to a recent article by Techcrunch, where we reported the PCTATTLETALE who was used to monitor many reception computers in the reception desk in a American hotel chain.

As a result of this penetration, leakage and shyness, the founder of PCTATTLETALETALE Brian Fleming said he was closing his company.

Consumer spyware applications such as SPYX, CocOSPY, MSPY and PCTATTLETALE are usually referred to as “chaser tools” (or mousse) because jealousy husbands and partners use them to monitor and their loved ones in a hidden way.

These companies often explicitly market their products as solutions to capture fraud partners by encouraging illegal and immoral behavior. There were many court cases, press investigations and investigative studies of home abuse refugees that show that pursuit and online monitoring can lead to damage and violence in the real world.

For this reason, infiltrators targeted some of these companies over and over again.

Eva Galbenein, director of cybersecurity at the Electronic Border Foundation, a prominent researcher and activist who has investigated and fought the tools of staples for years, said that the chase tools industry “is a soft goal.”

“Perhaps the people who run these companies are not really the most accurate or really worried about the quality of their products,” Galberene told Techcrunch.

Looking at the history of concessions in the chasing tools, it may be low. Because of the lack of care for their customer protection – and thus the personal data of tens of thousands of unintended victims – the use of these applications is not responsible. Stalkerware customers may violate the , abuse their partners by illegally spying them, and moreover, it endangers everyone’s data.

History of infiltrators of chases

Stalkerware’s violations wave began in 2017 when a group of US-based Retina-X infiltrators violated FlexiSpy in Thailand. These two penetrations revealed that companies have a total of 130,000 customers worldwide.

At that time, the infiltrators – proudly – said his responsibility for the concessions explicitly said that their motives were revealing and helping their hope to destroy an industry they considered toxic and immoral.

“I will burn them on the ground, and I don’t leave anywhere at all to hide any of them,” one of the infiltrators told the motherboard.

In reference to Flexispy, the infiltrator added: “I hope they collapsed and fail as a company, and they have some time to think about what they did. However, I am afraid that they might try to generate themselves again in a new form. But if they do that, I will be there.”

Despite the penetration, years of negative public attention, Flexiispy is still active today. The same cannot be said about Retina-X.

The infiltrator, who stormed the retina, spent his servers with the aim of obstructing his operations. The company wore again – then it was hacked again after a year. Two weeks after the second violation, Retina-X announced that it was closing.

A few days after the second Retina-X breach, the Mobistalth and SPY Master Pro were hit, and the Gigette stolen from customer and business records, as well as the usual messages of victims and fine GPS sites. Another seller of the chase programs, India -based Spyhuman, faced the same fate after a few months, as infiltrators steal text messages and connect to the descriptive data, which contain records of the call of WhO and Re.

After weeks, there was the first case of cross data, instead of penetration. Leaving SPYFONE is a S3 storage bucket hosted by Amazon, which is not protected online, which means that anyone can see and download text messages, photos, audio recordings, contacts, site whipped passwords, login information, Facebook messages and more. All these data were stolen from the victims, and most of them did not know that they were spying, not to mention knowing that their most sensitive personal data was also on the Internet for everyone to see.

Other chase tools companies that have left over the years customer data and victims’ data over the years are Familyorbit, which left 281 GB of personal data only protected by an easy -to -trust password; MSPY, which leaked more than 2 million customer records in 2018; Xnore, which allows any of its customers to see the personal data of other customers, which included chat messages, GPS coordinates, email messages, photos and more; Mobiispy, which left 25,000 audio recording and 95,000 photos on a server accessible from anyone; Kidsguard, who had a servant with his composition that leaked the content of the victims; PCTATTLETALE, which, before hacking, also exposed screenshots of the victims that were actually loaded to a web site that anyone can access; And XNSPY, whose developers left the credentials and special keys that were left in the application code, allowing anyone to access the victims’ data; And now Spyzie, CocOSPY and Spyic, which left the letters of the victims, photos, call records and other personal data, as well as the email addresses for customers, exposed online.

Regarding other chasing companies that have already hacked, regardless of Spyx, there was COPY9, which witnessed hackers to steal all their monitoring targets, including text messages, WhatsApp messages, call recordings, photos, communications, and the history of eyebrows; Letchespy, which was closed after violating infiltrators and wiped their servers; Brazil -based Webdetteive, which also wiped servers, then penetrated again; Ownspy, which provides a lot of Webdetive rear programs, has also been hacked; Spyhide, which had a vulnerability in the code that allowed the infiltrator to reach the rear databases and years of victims ‘data stolen about 60,000 victims’ data; OOSPY, which was the brands of espionage, closed for the second time; The latest MSPY penetration, which has nothing to do with the aforementioned leakage.
Finally, there is the TetruteSpy, a network of Stalkerware applications, which carry the doubtful record of penetration or data leakage on at least three separate occasions.

Hate, but unreliable

Among these 25 companies from the chaser, eight were stopped, according to TECHCRUNCH.

In a unique and unique case, the Federal Trade Committee and its CEO, Scott Zuckerman, banned from working in the monitoring industry after a previous security expiry exposed to victims’ data. Another process of chasing programs is closed to Zuckerman, which is called Spytrac, after that after achieving Techcrunch.

Phonespector and Highster, two other unknown companies that were hacked, after the New York Prosecutor accused companies of explicitly encouraging customers to use their illegal monitoring programs.

But the company closing the company does not mean that it went forever. As with Spyhide and Spyfone, some owners and developers stand behind a closed chaser maker have been simply renamed.

“I think these infiltrators do things. They are accomplishing things, they put it in it,” said Glipin. “But if you think that if the chaser tools company penetrates, it will simply shake their grip, curse your name, and disappear in a puff of blue smoke and it is not seen again, and this is certainly not.”

“What happens most of the time, when I actually managed to kill the chasing tools company, is that Stalkerware comes like mushrooms after rain,” Galbenein added.

There is some good news. In a report last year, Malwarebytes said that the use of demand tools decreases, according to its data for customers with this type of program. Also, Galperin reports are witnessing an increase in the negative reviews of these applications, where customers or potential customers complain that they are not working as intended.

However, Galbenein said it could be good security companies in discovering chasing tools as they were, or the pursuit has moved from software -based monitoring to the physical monitoring they enable by Aartags and other followers that support Bluetooth.

“There are no demand tools in a vacuum,” Galberene said.

Say no to the chase utensils

The use of spyware to monitor your loved ones is not only immoral, but it is also illegal in most judicial states, because it is considered illegal monitoring.

This is already an important reason for not using chaser tools. After that, there is a problem that chasing tool makers have proven again and again that they cannot maintain data safe – not data that belongs to customers, victims or goals.

Regardless of spying on romantic partners and husbands, some people use chases applications to monitor their children. Although this type of use, at least in the United States, is legal, it does not mean the use of chasing tools to intrude on your children’s phone is not creeping and immoral.

Even if it is legal, Galberin believes that parents should not spy on their children without telling them, and without their approval.

If parents inform their children and get their stove, parents must stay away from unsafe chase applications, and the use of parenting tracking tools included in Apple phones, tablets and Android devices that work more safely and operate publicly.

Abstract of violations and leaks

Below is the full list of chasing tools that have been hacked or leaked sensitive data since 2017, in the time order:

It was updated on March 19, 2025, to include SPYX as the latest breach of the chaser.

If you or anyone you know need help, then the hotline of national violence (1-800-799-7233) provides free support around the clock throughout the week for victims of home abuse and violence. If you are in an emergency, call 911. The alliance against the tools of the chaser It has resources if you think your phone may be at risk with spyware.