One of the most widely used stalkerware apps is said to be "riddled" with security holes and risks exposing its victims' data to third parties, experts have warned.
Xnspy allows users to monitor the activities of their spouse, partner or child after secretly installing it on their victim's device, then it secretly runs in the background while sending data to the installer.
An investigation by TechCrunch (opens in a new tab) found that in addition to the already questionable legal and legal issues that a tool like Xnspy presents, its underlying technology leaves users extremely vulnerable to data security issues such as theft. of identity.
What did the researchers find?
After months of investigation, security researchers Vangelis Stykas and Felipe Solferini claimed that this app has many flaws that are "easy to exploit" and "probably been around for years."
These flaws would include "credentials and private keys left in the code by developers," as well as "broken or non-existent encryption."
According to the investigation, this app was mainly targeting Android users, although it also reported that thousands of iPhones had been compromised.
Xnspy claimed 60,000 victims as early as 2022, TechCrunch claims, with recorded cases in 2022.
Although Google banned the sale of stalkerware from its app store in August 2020 and later removed all ads that appeared on its platform, it's unlikely we've seen the last of the controversial technology.
The pandemic has caused a huge increase in the number of people deciding to use stalkerware tools.
There was reportedly a 93% increase in the use of spyware and stalker apps in the UK directly after the introduction of the first blocking measures, according to research by cybersecurity firm Avast.