The maker of a cellphone app that’s marketed as offering a stealthy means for monitoring all actions on an Android system spilled electronic mail addresses, plain-text passwords, and different delicate knowledge belonging to 62,000 customers, a researcher found just lately.
A safety flaw within the app, branded Catwatchful, allowed researcher Eric Daigle to obtain a trove of delicate knowledge, which belonged to account holders who used the covert app to watch telephones. The leak, made attainable by a SQL injection vulnerability, allowed anybody who exploited it to entry the accounts and all knowledge saved in them.
Unstoppable
Catwatchful creators emphasize the app’s stealth and safety. Whereas the promoters declare the app is authorized and meant for folks monitoring their kids’s on-line actions, the emphasis on stealth has raised issues that it is being geared toward folks with different agendas.
