A New York-based spyware maker has agreed to notify the individuals whose phones were compromised by its mobile surveillance software, following a deal with the New York attorney general’s office announced Thursday.
Under the agreement, Patrick Hinchy, whose 16 companies promoted apps like PhoneSpector and Highster, will also pay $410,000 in civil penalties for illegally promoting the mobile surveillance software that allowed its customers to spy on another person’s phone without their knowledge.
According to the New York attorney general’s office, the apps sold by Hinchy allowed his customers to secretly monitor a victim’s phone and access their device data, including text messages and emails, photos, browsing history and precise location data. These apps, which require physical access to someone’s phone, are known as stalkerware (or spouseware), as many are expressly advertised as a way of spying on a person’s spouse or partner. Others are sold under the guise of child monitoring software.
In a statement, New York attorney general Letitia James said that Hinchy used his consortium of companies for “aggressively promoting” his stalkerware apps. James’ office also accused Hinchy’s companies of failing to disclose that customers would have to jailbreak — or root — a victim’s device before they could plant the stalkerware, a process that can weaken the security of a person’s device.
The agreement says that Hinchy must notify affected victims within 60 days that their device is being monitored. Hinchy must also make “accurate disclosures regarding endorsements, rooting and jailbreaking requirements, refund policies, and data security,” per James’ office.
But the agreement falls short of outlawing the apps completely.
In 2020, the U.S. Federal Trade Commission banned Retina-X after it was hacked several times. A year later, the FTC also banned the stalkerware maker SpyFone and its parent company Support King from the surveillance industry. The FTC also instructed Support King to notify victims that their phones had been compromised.
In December, TechCrunch reported that Support King had rebranded as a new stalkerware operation, SpyTrac, in an effort to evade the FTC’s ban. Following the publication of our investigation, both Support King and SpyTrac went offline.
It is not yet known exactly how many users — or victims — were ensnared by PhoneSpector, Highster and the other stalkerware apps. TechCrunch asked James’ office and will update if we hear back.
Facebook-parent Meta has launched a subscription service, called Meta Verified, that will allow users to add the coveted blue check mark to their Instagram and Facebook accounts for up to $15 a month by verifying their identity, its chief executive Mark Zuckerberg said on Sunday, tapping a new revenue channel that has returned mixed success […]
After gaining access via RDP, all three threat actors encrypted files, in an investigation complicated by event log clearing and backups. 3 attackers, 2 weeks – 1 entry point. Written by Linda Smith, Rajat Wason, Syed Zaidi AUGUST 10, 2022 SECURITY OPERATIONS ACTIVE ADVERSARY PLAYBOOK BLACKCAT FEATURED HIVE LOCKBIT RANSOMWARE SOPHOS X-OPS In May 2022, an automotive supplier was hit with three separate ransomware attacks. […]
Digital twins — virtual representations of actual systems — have become an important component in how engineers and analysts build, visualize and operate AI projects, network security and other complicated architectures that might have a number of components working (or malfunctioning as the case may be) in tandem. Today, a startup called Forward Networks — which has […]
Leave a Reply