Experts warn that one of the most widely used stalkerware applications is allegedly “full of” security holes and threatens to disclose victim’s data to third parties.
Xnspy allows users to monitor the activities of their spouse, partner or child after they have secretly installed it on the victim’s device and then secretly runs in the background sending data back to the installer.
Investigation according to TechCrunch (opens in a new tab) found that beyond the already dubious legal issues posed by a tool like Xnspy, its underlying technology makes users extremely vulnerable to data security issues such as identity theft.
What have scientists discovered?
After months of research, security researchers Vangelis Stykas and Felipe Solferini concluded that this app has many vulnerabilities that are “easy to exploit” and “probably have been around for years.”
These flaws reportedly include “credentials and private keys left in the code by developers” as well as “broken or non-existent encryption”.
According to research, this app was primarily aimed at Android users – although it was also reported that thousands of iPhones were compromised.
Xnspy reportedly had 60,000 victims as early as 2022, TechCrunch claims, with cases only registered in 2022.
Despite Google banning the sale of stalkerware on its app store in August 2020 and then removing any ads that appeared on its platform, it’s unlikely we’ll see the last of the controversial tech.
The pandemic has led to a huge increase in the number of people choosing to use stalkerware tools.
According to research by cybersecurity company Avast, the UK saw a 93% increase in the use of stalking apps and spyware in the UK immediately after the lockdown measures were introduced.