- Hacktivist “Wikkid” exploited a bug on Struktura’s website to steal 536,000 customer records
- Data included names, emails, purchases and partial credit card details without payment dates
- Leak exposed mainstream spyware providers like Geofinder, uMobix, Peekviewer, posted on hacking forum
More than half a million names, email addresses and partial credit card information were leaked when a hacktivist attacked a developer of consumer harassment software.
Earlier this month, a hacker going by the pseudonym “wikkid” targeted the website of a company called Struktura. This is a Ukrainian software company believed to be behind several phone tracking services such as Geofinder, uMobix, Peekviewer and others. Speaking to TechCrunch, they said they discovered a “trivial” bug on Struktura’s website, which allowed them to scrape the vendor’s data.
In total, the hacktivist extracted 536,000 rows containing customers’ email addresses, the app or brand they purchased, the amount they paid, the payment card they used (Visa or Mastercard), and the last four digits of the card. Payment dates were not found in the records.
Fun to target spyware providers
The publication successfully verified the authenticity of the data by triggering a password reset on accounts associated with public email addresses, as well as matching each transaction’s unique invoice number with the monitoring provider’s payment pages. “We were able to do this because the checkout page allowed us to retrieve the same customer data and transactions from the server without needing a password,” the post explains.
Wikkid said they had “had fun targeting apps used to spy on people” and posted the archives on a popular hacking forum. There, they listed the vendor as Ersten Group, described as a British software development startup.
So far, Struktura representatives have not made any official statement on the incident.
Consumer spyware, or spousal software, is software (primarily mobile applications) that users can purchase and then silently install on mobile devices belonging to their spouses, partners, children, and other persons of interest.
Developers often present them as security apps, primarily aimed at monitoring children and people with special needs. However, these are almost always covers for borderline legal espionage.
Via TechCrunch
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
