More than 500,000 Android devices, as well as at least 4,900 iPhones and iPads, have been unknowingly breached by the Spyzie mobile surveillance app, which exposed obtained data through the exploitation of a vulnerability recently discovered in the Cocospy and Spyic spyware apps, TechCrunch reports.
Aside from enabling access to pilfered messages, location details, photos, and other phone data, the flaw also exposed 518,643 email addresses belonging to Spyzie customers who sought to infiltrate others' devices, according to a security researcher, who already provided the email address cache to Have I Been Pwned breach notification site operator Troy Hunt.
Spyzie — which has yet to address the vulnerability as well as comment on the findings — joins 23 other stalkerware operations that have had their customers' and victims' data leaked due to lacking security defenses over the past eight years, indicating the prevalence of weak security among such providers.
