Zack Whittaker reports:
Last October, TechCrunch revealed a consumer-grade spyware security issue that’s putting the private phone data, messages and locations of hundreds of thousands of people, including Americans, at risk.
But in this case it’s not just one spyware app exposing people’s phone data. It’s an entire fleet of Android spyware apps that share the same security vulnerability.
TechCrunch first discovered the vulnerability as part of a wider exploration of consumer-grade spyware. The vulnerability is simple, which is what makes it so damaging, allowing near-unfettered remote access to a device’s data. But efforts to privately disclose the security flaw to prevent it from being misused by nefarious actors has been met with silence both from those behind the operation and from Codero, the web company that hosts the spyware operation’s back-end server infrastructure.
Read more at TechCrunch.