image

Spyware maker LetMeSpy shuts down after hacker deletes server data

Poland-based spyware LetMeSpy is no longer operational and said it will shut down after a June data breach wiped out its servers, including its huge trove of data stolen from thousands of victims’ phones.

In a notice on its website in both English and Polish, LetMeSpy confirmed the “permanent shutdown” of the spyware service and that it would cease operations by the end of August. The notice said LetMeSpy is blocking users from logging in or signing up with new accounts.

A separate notice on LetMeSpy’s former login page, which no longer functions, confirmed earlier reports that the hacker who breached the spyware operation also deleted the data on its servers.

“The breach consisted of unauthorized access to the LetMeSpy website’s database, downloading and at the same time deleting data from the website by the author of the attack,” the notice reads.

LetMeSpy’s app no longer functions, a network traffic analysis by TechCrunch shows, and the spyware maker’s website no longer provides the spyware app for download.

LetMeSpy was an Android phone monitoring app that was purposefully designed to stay hidden on a victim’s phone home screen, making the app difficult to detect and remove. When planted on a person’s phone — often by someone with knowledge of their phone passcode — apps like LetMeSpy continually steal that person’s messages, call logs and real-time location data.

A copy of the database was obtained by nonprofit transparency collective DDoSecrets, which indexes leaked datasets in the public interest, and shared with TechCrunch for analysis. The data showed that LetMeSpy, until recently, had been used to steal data from more than 13,000 compromised Android devices worldwide, though LetMeSpy’s website claimed prior to the breach that it controlled more than 236,000 devices.

The database also contained information that shows the spyware was developed by a Krakow-based tech company called Radeal, whose chief executive Rafal Lidwin did not respond to a request for comment.

LetMeSpy is the latest spyware operation to shut down in the past year in the wake of a security incident that exposed victims’ data, but also the identities of its real-world operators.

Spytrac, a spyware with more than a million user records in its database, was confirmed to be operated by Support King, a tech company banned from the surveillance industry by federal regulators in 2021 for previously failing to secure stolen data from its then-flagship spyware app, SpyFone.