TechCrunch today launched a spyware lookup tool that allows anyone to check if their Android device was compromised by a network of consumer-grade stalkerware apps, including TheTruthSpy. The aim is to help victims check if their device was compromised and reclaim control of their device.
It follows a months-long investigation by TechCrunch into the apps that share the same server infrastructure but also the same security flaw, and are all spilling the personal phone data of hundreds of thousands of Android users.
SPYWARE LOOKUP TOOL
You can check to see if your Android phone or tablet was compromised here.These stealthy apps are often surreptitiously installed by someone with physical access to a person’s device and are designed to stay hidden from home screens but allow that person to view the victim’s phone data in real time, including their calls, messages, contacts, real-time location data, photos and more. These spying apps are often known by the term “stalkerware” for their ability to track and monitor other people or spouses without their consent.
Our investigation found that the stalkerware apps were built and maintained by a Vietnam-based group of developers that went to considerable lengths to hide their involvement in the operation, including using fake names and misappropriated identities. But without a fix, TechCrunch cannot reveal more about the security flaw because of the risk it poses to the hundreds of thousands of victims whose phones were unknowingly compromised by the apps.
Then, in June, a source provided TechCrunch with a cache of files dumped from the servers of TheTruthSpy’s internal network. That cache of files included a list of every Android device that was compromised by any of the stalkerware apps in TheTruthSpy’s network up to April 2022, which is presumably when the data was dumped.
The leaked list does not contain enough information for TechCrunch to identify or notify owners of compromised devices. That’s why TechCrunch built this lookup tool. The tool allows anyone to check for themselves if their Android device was compromised by these apps, and how to remove them — if it’s safe to do so.
The tool works by matching against the leaked list of unique device identifiers, like IMEI numbers and advertising IDs, which are commonly collected by apps on your device and sent back to the developer, and these apps are no different.
TechCrunch verified the leaked list by matching known identifiers, like IMEIs, from burner and virtual devices we used during our investigation.
You can use the tool for free here and read more about our investigation that first uncovered the stalkerware network.
If you or someone you know needs help, the National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence. If you are in an emergency situation, call 911. The Coalition Against Stalkerware also has resources if you think your phone has been compromised by spyware. You can contact this reporter on Signal and WhatsApp at +1 646-755-8849 or zack.whittaker@techcrunch.com by email.