Encryption is powerless before the screenshot.
Surveillance through spy applications rarely ends with the control of only one device. A recent incident clearly showed how someone else’s attempt to secretly read correspondence can turn into a leak for all participants in conversations: tens of thousands of images with personal messages, documents and video calls of a well-known European media person were publicly available.
Cybersecurity specialist Jeremiah Fowler found an unprotected database without a password where 86 859 images were stored. Judging by the contents, the files were screenshots from the victim’s device, which was monitored with Stalkerware or other spyware. About the find Fowler told Express VPNVPN, which was published his report.
The database featured photos of correspondence from Facebook *, WhatsApp*, Instagram* and TikTok. Among the interlocutors of the victim were models, influencers, celebrities, friends, relatives and business partners. The screenshots also included phone numbers, e-mail addresses, accounts, receipts, identity cards and other documents. The victim's name is not disclosed, so as not to aggravate the damage from the leak.
The database was named after the well-known spyware service, which is promoted as a monitoring tool. At the same time, according to Fowler’s conclusions, the published storage did not belong to the developer of the service. Most likely, the base was created by a man who installed a surveillance program and collected screenshots from the victim’s device with it. The error in the access settings made the storage visible to any Internet user.
Fowler reported the discovery to law enforcement agencies, and also contacted the victim by phone numbers, which were found in the images. Usually, during leaks, the specialist notifies the company or organization responsible for the data, but in this case it was about a private person who used a malicious tool for observation.
The case also shows the limited end-to-end encryption. WhatsApp and other secure messengers hide messages during the transmission, but can not protect the text after displaying an infected device. If the surveillance program takes screenshots or intercepts notifications, private correspondence ceases to be private.
Stalkerware is usually installed on a phone, tablet or computer without the owner’s knowledge. Such applications can track location, read messages, record calls, access photos and activity in social networks. In a number of countries, the hidden installation of such software violates laws on improper access, data protection and communication.
Signs of infection can be fast battery discharge, overheating, increased mobile traffic consumption, strange permission requests, unknown applications and sudden failures. If you suspect surveillance, it is worth checking the list of installed programs, device administrator rights and access to special features, and then scanning the security software system.
In severe cases, it helps to completely reset the device, but before deleting the program, in case of threats and harassment, it is better to save evidence and contact the police.
Surveillance through spy applications rarely ends with the control of only one device. A recent incident clearly showed how someone else’s attempt to secretly read correspondence can turn into a leak for all participants in conversations: tens of thousands of images with personal messages, documents and video calls of a well-known European media person were publicly available.
Cybersecurity specialist Jeremiah Fowler found an unprotected database without a password where 86 859 images were stored. Judging by the contents, the files were screenshots from the victim’s device, which was monitored with Stalkerware or other spyware. About the find Fowler told Express VPNVPN, which was published his report.
The database featured photos of correspondence from Facebook *, WhatsApp*, Instagram* and TikTok. Among the interlocutors of the victim were models, influencers, celebrities, friends, relatives and business partners. The screenshots also included phone numbers, e-mail addresses, accounts, receipts, identity cards and other documents. The victim's name is not disclosed, so as not to aggravate the damage from the leak.
The database was named after the well-known spyware service, which is promoted as a monitoring tool. At the same time, according to Fowler’s conclusions, the published storage did not belong to the developer of the service. Most likely, the base was created by a man who installed a surveillance program and collected screenshots from the victim’s device with it. The error in the access settings made the storage visible to any Internet user.
Fowler reported the discovery to law enforcement agencies, and also contacted the victim by phone numbers, which were found in the images. Usually, during leaks, the specialist notifies the company or organization responsible for the data, but in this case it was about a private person who used a malicious tool for observation.
The case also shows the limited end-to-end encryption. WhatsApp and other secure messengers hide messages during the transmission, but can not protect the text after displaying an infected device. If the surveillance program takes screenshots or intercepts notifications, private correspondence ceases to be private.
Stalkerware is usually installed on a phone, tablet or computer without the owner’s knowledge. Such applications can track location, read messages, record calls, access photos and activity in social networks. In a number of countries, the hidden installation of such software violates laws on improper access, data protection and communication.
Signs of infection can be fast battery discharge, overheating, increased mobile traffic consumption, strange permission requests, unknown applications and sudden failures. If you suspect surveillance, it is worth checking the list of installed programs, device administrator rights and access to special features, and then scanning the security software system.
In severe cases, it helps to completely reset the device, but before deleting the program, in case of threats and harassment, it is better to save evidence and contact the police.
