Menu
Browse

Cyber Threat Actor: Retina-X Studios

Actor Type Location Known Incidents
 Icon
Spy
United States of America
1 incident
Profile

Retina-X Studios, also known byits alias, is a mobile spyware provider based in the United States of America. The actor develops surveillance software that can be installed on Android and iPhone devices to monitor user activity. This tool captures a range of data including app usage, keystrokes, location information, and other device logs. Clients acquire access through subscription tiers, indicating a financial motive tied to the sale of the monitoring service. The primary targets of the software are individuals whose devices are compromised, enabling the actor’s customers to conduct personal surveillance. While the actor’s stated purpose is to provide monitoring capabilities, the exposed data shows that the service can be leveraged for both financial gain and invasive information gathering.

In May 2015, Retina-X Studios suffered a significant breach in which attackers exfiltrated extensive customer data from its spyware platform. The leaked material included emails, text messages, payment details, Apple IDs with passwords, photos, calendar entries, and support requests. The data was published on a Tor‑hidden site, with the attackers claiming the archive contained information from over four hundred thousand users and approximately one hundred forty‑five thousand financial transactions. The breach revealed that the actor’s surveillance software had been actively intercepting communications and tracking device locations for its subscriber base. Despite multiple outreach attempts, the company did not publicly acknowledge the incident following the deep‑web publication. No further public attributions, state links, or criminal affiliations have been established for Retina‑X Studios beyond its United States location and the described spyware activity.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources