By John Gruber

• Archive
• The Talk Show
• Dithering
• Projects
• Contact
• Colophon
• Feeds / Social
• Sponsorship

Linked List: August 5, 2023

Saturday, 5 August 2023

Android Spyware Maker LetMeSpy Shuts Down After Hacker Deletes Server Data ★

Zack Whittaker, reporting for TechCrunch:

Poland-based spyware LetMeSpy is no longer operational and said it will shut down after a June data breach wiped out its servers, including its huge trove of data stolen from thousands of victims’ phones. [...]

LetMeSpy was an Android phone monitoring app that was purposefully designed to stay hidden on a victim’s phone home screen, making the app difficult to detect and remove. When planted on a person’s phone — often by someone with knowledge of their phone passcode — apps like LetMeSpy continually steal that person’s messages, call logs and real-time location data.

A copy of the database was obtained by nonprofit transparency collective DDoSecrets, which indexes leaked datasets in the public interest, and shared with TechCrunch for analysis. The data showed that LetMeSpy, until recently, had been used to steal data from more than 13,000 compromised Android devices worldwide, though LetMeSpy’s website claimed prior to the breach that it controlled more than 236,000 devices.

The database also contained information that shows the spyware was developed by a Krakow-based tech company called Radeal, whose chief executive Rafal Lidwin did not respond to a request for comment. LetMeSpy is the latest spyware operation to shut down in the past year in the wake of a security incident that exposed victims’ data, but also the identities of its real-world operators.

Like cockroaches scurrying when the lights come on.

Where’s My Fainting Couch? ★

Richard Lawler, reporting for The Verge:

In news that isn’t very surprising given the recent history of Twitter, which Elon Musk is currently rebranding to X, the company won’t be able to make some promised payments on time. The X Support account says that because its “Ads Revenue Sharing” program is so popular, “We need a bit more time to review everything for the next payout and aim to get all eligible accounts paid as soon as possible.”

Related: Jeremy Vaught registered the @music account on Twitter 16 years ago, and had posted to it frequently. He is a paying Twitter Blue subscriber. And X Corp just took the handle from him, like they did to the guy who had @x. This company is a great and trustworthy partner for individual creators.