Latest news with #Catwatchful


Business Insider
4 days ago
Google (GOOGL) Shuts Down a Phone Spyware App that Was Operating on Its Servers
Tech giant Google (GOOGL) has shut down Catwatchful, a phone surveillance app that was secretly using the company's Firebase platform to store and operate its spyware. The move happened about a month after TechCrunch notified Google that Catwatchful was holding stolen data from thousands of hacked phones on Google's servers. Interestingly, Catwatchful targeted Android devices and disguised itself as a child-monitoring app. Unfortunately, it was often misused for stalking partners or other non-consensual surveillance.

To install the app, someone needed physical access to the target's phone, which was usually gained by knowing the passcode. Once installed, it hid itself from the home screen and quietly uploaded private messages, photos, location data, and more to a web dashboard controlled by the person who planted it.

However, in June, TechCrunch discovered a major flaw in Catwatchful's systems that left its database wide open without requiring a password, thereby exposing sensitive information about both victims and paying customers. The exposed data included details from over 26,000 infected devices, along with more than 62,000 customer email addresses and plaintext passwords. It also identified the app's creator as Omar Soca Charcov, who is a developer based in Uruguay. Since there was no sign that Charcov planned to notify the affected users, TechCrunch shared the data with Have I Been Pwned, which is a site that warns people about breaches. It is worth noting that Catwatchful is now one of several spyware operations in recent years that have leaked sensitive information.

Is Google Stock a Good Buy?

Turning to Wall Street, analysts have a Strong Buy consensus rating on GOOGL stock based on 28 Buys and nine Holds assigned in the past three months. Furthermore, the average GOOGL price target of $215.11 per share implies 11.6% upside potential.
Yahoo
4 days ago
Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers
Google has suspended the account of phone surveillance operator Catwatchful, which was using the tech giant's servers to host and operate the monitoring software. Google's move to shut down the spyware operation comes a month after TechCrunch alerted the technology giant the operator was hosting the operation on Firebase, one of Google's developer platforms. Catwatchful relied on Firebase to host and store vast amounts of data stolen from thousands of phones compromised by its spyware.

'We've investigated these reported Firebase operations and suspended them for violating our terms of service,' Google spokesperson Ed Fernandez told TechCrunch in an email this week.

When asked by TechCrunch, Google would not say why it took a month to investigate and suspend the operation's Firebase account. The company's own terms of use broadly prohibit its customers from hosting malicious software or spyware operations on its platforms. As a for-profit company, Google has a commercial interest in retaining customers who pay for its services.

As of Friday, Catwatchful is no longer functioning nor does it appear to transmit or receive data, according to a network traffic analysis of the spyware carried out by TechCrunch.

Catwatchful was an Android-specific spyware that presented itself as a child monitoring app 'undetectable' to the user. Much like other phone spyware apps, Catwatchful required its customers to physically install it on a person's phone, which usually requires prior knowledge of their passcode. These monitoring apps are often called 'stalkerware' (or spouseware) for their propensity to be used for non-consensual surveillance of spouses and romantic partners, which is illegal.

Once installed, the app was designed to stay hidden from the victim's home screen, and upload the victim's private messages, photos, location data, and more to a web dashboard viewable by the person who planted the app.

TechCrunch first learned of Catwatchful in mid-June after security researcher Eric Daigle identified a security bug that was exposing the spyware operation's back-end database. The bug allowed unauthenticated access to the database, meaning no passwords or credentials were needed to see the data inside.

The database contained more than 62,000 Catwatchful customer email addresses and plaintext passwords, as well as records on 26,000 victim devices compromised by the spyware. The data also exposed the administrator behind the operation, a Uruguay-based developer called Omar Soca Charcov.

TechCrunch contacted Charcov to ask if he was aware of the security lapse, or if he planned to notify affected individuals about the breach. Charcov did not respond. With no clear indication that Charcov would disclose the breach, TechCrunch provided a copy of the Catwatchful database to data breach notification service Have I Been Pwned.

Catwatchful is the latest in a long list of surveillance operations that have experienced a data breach in recent years, in large part due to shoddy coding and poor cybersecurity practices. Catwatchful is by TechCrunch's count the fifth spyware operation alone this year to have spilled users' data, and the most recent entry in a list of more than two-dozen known spyware operations since 2017 that have exposed their banks of data.

As we noted in our previous story: Android users can identify if the Catwatchful spyware is installed, even if the app is hidden, by dialing 543210 into your Android phone app's keypad and pressing the call button. Remember to have a safety plan in place before removing spyware from your phone.

— If you or someone you know needs help, the National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence. If you are in an emergency situation, call 911. The Coalition Against Stalkerware has resources if you think your phone has been compromised by spyware.




Tahawul Tech
07-07-2025
Catwatchful data breach exposes thousands in latest stalkerware scandal
Security flaw highlights the ongoing risks of consumer-grade spying apps—and the need for greater public awareness.

A covert Android application called Catwatchful, marketed as an 'invisible' child-monitoring tool, has suffered a major data breach that laid bare the email addresses and plaintext passwords of more than 62,000 paying customers and leaked stolen data from at least 26,000 victims' phones. The discovery, first reported by TechCrunch and attributed to security researcher Eric Daigle, shows that Catwatchful's unauthenticated programming interface allowed anyone on the internet to query its entire user database. Most victims were located in Mexico, Colombia, India, Peru, Argentina, Ecuador and Bolivia.

Catwatchful is best described as stalkerware: consumer spyware that must be installed manually on a target's handset and then operates in secret, siphoning off photos, messages, real-time location data and even live microphone and camera feeds to a web dashboard controlled by the perpetrator. Although such apps are banned from official app stores, their availability via third-party sites continues to fuel intimate-partner surveillance and other forms of tech-enabled abuse.

The leaked database also exposed the identity of the app's administrator, Omar Soca Charcov, a developer based in Uruguay who has so far declined to comment on the breach. Catwatchful is at least the fifth stalkerware service this year to suffer a hacking-related data spill, underscoring a pattern of lax security across the industry and the double-edged privacy threat these tools pose to both victims and buyers.

Kaspersky, which classifies Catwatchful as stalkerware and has been detecting it since 2018, says the incident is further evidence that users and policymakers must remain vigilant.

Tatyana Shishkova, Lead Security Researcher at Kaspersky GReAT, offered the following rapid response: 'Stalkerware remains a global and serious problem, as confirmed by the recent reports on the Catwatchful app. While such products are typically marketed as legitimate parental control apps, they pose significant risks: they operate stealthily, being installed without a person's knowledge or consent, and provide a perpetrator with the means to secretly monitor the victim's most private information. Moreover, such apps, despite the developer's claims about security, pose privacy risks to the perpetrators themselves. There are frequent data leaks, as recent media reports confirm. Although it was reported that the app 'is invisible and undetectable on the phone', Kaspersky has been detecting Catwatchful as stalkerware since 2018. The 'Who's spying on me' functionality enables users of the Kaspersky app for Android with a dedicated notification when this stalkerware is detected. This case reinforces the need to continuously raise awareness about stalkerware and tech-enabled abuse, empowering individuals with the knowledge on how to protect both their digital and physical lives.'

Why it matters

Catwatchful's breach illustrates three persistent dangers:

- Victim exposure – Intimate data can be harvested without consent and then leak wholesale when attackers exploit poor security hygiene.
- Perpetrator risk – Buyers entrust their credentials and sometimes incriminating evidence to vendors whose safeguards are minimal.
- Policy gaps – Stalkerware occupies a grey zone in many jurisdictions, complicating enforcement and takedown efforts.

Cyber-safety advocates, including the global Coalition Against Stalkerware, argue that the only sustainable fix is a combination of tougher regulation, stricter platform policing and wider public education on detecting and removing clandestine tracking apps.

For Android users concerned about possible compromise, Kaspersky and other security vendors recommend running a reputable mobile security suite, checking for unfamiliar accessibility-service permissions and keeping devices updated with the latest patches. Victims of tech-facilitated abuse can also seek specialised support from local domestic-violence hotlines and digital-safety organisations.


Indian Express
04-07-2025
Catwatchful: The Android app that secretly stole 62,000 email addresses and passwords
A security vulnerability in a stealthy Android stalkerware app named Catwatchful seems to have leaked more than 62,000 user credentials, including those of its administrator. The vulnerability was first discovered by a Canadian researcher named Eric Daigle, who claims that the leaked data includes email addresses and passwords stored in plain text. These credentials were used by the spyware's customers to access data stolen from the phones of unsuspecting victims.

Catwatchful is a stalkerware app for Android devices that disguises itself as a child-monitoring app. It works by uploading the victim's private information, such as photos, call logs, passwords and real-time location, to a dashboard that can only be accessed by the person who planted it. What makes it even more dangerous is that Catwatchful can also tap into live ambient audio using the phone's microphone and even access both the front and rear cameras.

Unlike most spyware apps for Android, Catwatchful uses its very own infrastructure and also offers a 3-day free trial, which is a rarity for a spyware app. The app developer also says that 'Catwatchful is invisible. It cannot be detected. It cannot be uninstalled. It cannot be stopped. It cannot be closed. Only you access the information it collects.' Unsurprisingly, it is not available on the Play Store and requires users to manually download and install it, a process often referred to as sideloading, which means only someone with physical access to your device will be able to install it.

Daigle said he started by making a free trial account on the Catwatchful website, which is when he noticed that the website registered his information in two different locations, one of which was hosted on a domain called When installed, the app requested all sorts of permissions and hid itself as a system app. Also, all of the stolen data was stored in Firebase and accessed via a web control panel.

However, the custom backend the app developer was using was vulnerable to a SQL injection attack. Daigle said he used this very flaw to access the service's entire user database, which included the email addresses and passwords of more than 62,000 people who were using Catwatchful to spy on others. As it turns out, it also included information on devices that were being monitored.

According to TechCrunch, the majority of devices that were compromised were located in Mexico, Colombia, India, Peru, Argentina, Ecuador, and Bolivia. The publication says the list is in order of the number of victims. What's even more surprising is that some of these records date back to 2018, which suggests that Catwatchful has been operating and stealing data for at least 7 years.