The unaddressed security flaw, tracked as CVE-2022-0732, exposes victims' phone data held on the spyware's servers, including text messages, photos, call recordings, and real-time location data. Despite disruptions caused by investigations and the suspension of accounts by PayPal and Stripe, TheTruthSpy continues to operate, hosted on servers in Moldova. The stolen data remains accessible on the internet, posing an ongoing threat to individuals.
Key takeaways:
- TheTruthSpy, a consumer-grade spyware operation, continues to compromise thousands of Android devices and poses a significant security and privacy threat.
- TheTruthSpy's operators have failed to address a major security flaw, allowing hacking groups SiegedSec and ByteMeCrew to exploit the vulnerability.
- A Vietnam-based startup named 1Byte is behind TheTruthSpy. Despite disruptions and account suspensions, TheTruthSpy continues to operate and remains an ongoing threat.
- TheTruthSpy's unaddressed security flaw and persistent operations highlight the need for vigilance and proactive measures to safeguard against stalkerware threats.