A naukri.com initiative
TechCrunch
3w
43
Image Credit: TechCrunch
Amazon is still hosting stalkerware victims’ data weeks after breach alert
- Amazon has not disclosed whether it will take action against three phone surveillance apps, Cocospy, Spyic, and Spyzie, despite being informed by TechCrunch that it was hosting stolen phone data.
- A security researcher identified a security bug shared by the three near-identical Android apps, exposing phone data of 3.1 million individuals, many of whom are unaware of the compromise.
- TechCrunch notified Amazon of hosting data exfiltrated by the apps, with the storage buckets still active on Amazon Web Services.
- Amazon's spokesperson indicated they act swiftly on reports of violations but did not comment on the status of the servers used by the apps.
- Despite the notification from TechCrunch, Amazon has not taken action against the storage buckets containing stolen phone data.
- TechCrunch found that images uploaded by the stalkerware apps were hosted on Amazon Web Services, demonstrating a breach of privacy.
- Amazon's acceptable use policy prohibits spyware and stalkerware operations, yet the company has not addressed the issue with the apps.
- Companies like Amazon possess the resources to enforce their policies and prevent malicious use of their services.
- TechCrunch investigations into surveillance-related breaches aim to identify victims, expose surveillance operators, and identify platforms used in the operations.
- In a recent investigation, TechCrunch discovered Cocospy, Spyic, and Spyzie apps breaching privacy by uploading victims' data to Amazon's cloud servers.
Read Full Article
2 Likes
For uninterrupted reading, download the app