
A Brazilian phone spyware was hacked and victims’ devices exposed on server

A Portuguese-language spyware called WebDetetive has been used to compromise more than 76,000 Android phones in recent years across South America, largely in Brazil. WebDetetive is also the latest phone spyware company in recent months to have been hacked.

In an undated note seen by TechCrunch, the unnamed hackers described how they found and exploited several security vulnerabilities that allowed them to compromise WebDetetive’s servers and access its user databases. By exploiting other flaws in the spyware maker’s web dashboard — used by abusers to access the stolen phone data of their victims — the hackers said they enumerated and downloaded every dashboard record, including every customer’s email address.

Even though the hackers who accessed WebDetetive's servers claimed to have "deleted" victims' details, there is no way to confirm this. In a situation such as this, hackers could easily further exploit victims by selling the data, as has been seen in past attacks. Attackers could even use information acquired from existing victims to attempt to extort them, which in the past has led to suicide due to the potential repercussions suffered by the victims.

WebDetetive makes no attempt to hide itself from the user; instead, it cleverly disguises itself as an Android system app called "WiFi". Many people would not notice this, and even if they did, they would simply assume it was a harmless alternate WiFi connection method.

In total, the data showed that WebDetetive had compromised 76,794 devices to date at the time of the breach. The data also contained 74,336 unique customer email addresses, though WebDetetive does not verify a customer’s email address when signing up, preventing any meaningful analysis of the spyware’s customers.

Little is known about WebDetetive beyond its surveillance capabilities. It’s not uncommon for spyware makers to conceal or obfuscate their real-world identities, given the reputational and legal risks that come with producing spyware and facilitating the illegal surveillance of others. WebDetetive is no different. Its website does not list who owns or operates WebDetetive.

With hardware, firmware, application, and network-level protections, SecureCrypt is immune to attacks like this, as only SecureCrypt can authorize installation of applications, and it is simply not possible for a user, or anyone who accesses a user's device, to install any applications on a SecureCrypt device.

SecureCrypt's locked-down and hardened device is protected by state-of-the-art BlackBerry UEM features such as Enhanced Kernel Reinforcement Protections, Enhanced Memory Protections, and Secure Boot. Always updated to defend against all the latest mobile threats and mobile malware, BlackBerry is the industry cybersecurity leader, and SecureCrypt is a proud BlackBerry partner.

SecureCrypt also features network-level protections with our secure SIM cards, which prevent the provider from pushing malware through the SIM. It also protects our users from existing vulnerabilities in the cellular network ecosystem.

SecureCrypt users also enjoy the added benefit of being protected from SIM swapping attacks. SecureCrypt devices do not have traditional phone numbers like regular, non-encrypted and unprotected devices do; therefore, a SIM swapping attack is not possible.

Sensitive businesses like financial institutions, lawyers, medical professionals, and politically affiliated businesses, as well as those who have sensitive employment, activists, and those with secrets to protect, rely on SecureCrypt daily to prevent data theft, communication interception, and hacking.

Join SecureCrypt today and don't let your company's sensitive proprietary information or your secrets end up in the wrong hands. Contact us today.

