TechCrunch today launched a spyware lookup tool that allows anyone to check if their Android device was compromised by a fleet of consumer-grade spyware apps, including TheTruthSpy. The aim is to help victims check if their device was compromised and reclaim control of their device.
It follows a months-long investigation by TechCrunch into the fleet of spyware apps that share the same server infrastructure but also the same security flaw, and are all spilling the personal phone data of hundreds of thousands of Android users.
SPYWARE LOOKUP TOOL
You can check to see if your Android phone or tablet was compromised here.
These stealthy apps are often surreptitiously installed by someone with physical access to a person’s device and are designed to stay hidden from home screens, but allows that person to view the victim’s phone data in real time, including their calls, messages, contacts, real-time location data, photos and more.
Our investigation found that the spyware apps were built and maintained by a Vietnam-based group of developers that went to considerable lengths to hide their involvement in the operation, including using fake names and misappropriated identities. But without a fix, TechCrunch cannot reveal more about the security flaw because of the risk it poses to the hundreds of thousands of victims whose phones were unknowingly compromised by the fleet of spyware apps.
Then, in June, a source provided TechCrunch with a cache of files dumped from the servers of TheTruthSpy’s internal network. That cache of files included a list of every Android device that was compromised by any of the spyware apps in TheTruthSpy’s network up to April 2022, which is presumably when the data was dumped.
The leaked list does not contain enough information for TechCrunch to identify or notify owners of compromised devices. That’s why TechCrunch built this spyware lookup tool. The tool allows anyone to check for themselves if their Android device was compromised by these apps, and how to remove the spyware — if it’s safe to do so.
The tool works by matching against the leaked list of unique device identifiers, like IMEI numbers and advertising IDs, which are commonly collected by apps on your device and sent back to the developer, and these spyware apps are no different.
TechCrunch verified the leaked list by matching known identifiers, like IMEIs, from burner and virtual devices we used during our investigation into the spyware network.
You can use the tool for free here, and read more about our investigation that first uncovered the spyware network.
If you or someone you know needs help, the National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence. If you are in an emergency situation, call 911. The Coalition Against Stalkerware also has resources if you think your phone has been compromised by spyware. You can contact this reporter on Signal and WhatsApp at +1 646-755-8849 or [email protected] by email.