Cyber Incident Victim: Mobistealth
Date:
Feb 2018
Location:
United States of America
Summary
A hacker breached two consumer spyware firms, including Mobistealth, stealing extensive customer data and intercepted communications from devices running their monitoring software. The compromised information included tens of thousands of customer accounts, business records, GPS location histories, and personal messages such as texts and Facebook chats. The attacker targeted the companies for enabling illegal surveillance and domestic abuse, highlighting the industry’s security vulnerabilities. While some customers claimed legitimate use for child or employee monitoring, both firms had marketed their tools for spousal spying—potentially violating wiretapping laws. Motherboard verified portions of the data by confirming account ownership and contacting affected individuals, though the companies did not respond to requests for comment.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In February 2018, a hacker breached two consumer spyware companies, Mobistealth and Spy Master Pro, stealing extensive data that included customer records, business information, and intercepted communications from devices infected with their malware. The compromised data comprised tens of thousands of customer accounts, GPS location histories, and alleged text messages harvested from targets' smartphones. Motherboard verified the authenticity of the data by successfully resetting account passwords tied to the stolen credentials, contacting individuals identified in the data dump, and confirming email addresses with customer support representatives. Neither company responded to repeated requests for comment regarding the breach. The hacker, who remained anonymous, provided the data to Motherboard, framing the intrusion as an attack against an industry that facilitates stalking and abuse. This incident followed similar breaches targeting competitors FlexiSpy and Retina-X in the preceding year, indicating a pattern of hackers actively targeting the consumer spyware sector.
The stolen data revealed highly personal information, including intimate text messages and real-time location tracking of individuals under surveillance. Examples of intercepted communications included messages referencing marital infidelity, counseling discussions, and school-related conversations involving children. Spy Master Pro's data contained extensive historical GPS logs, while Mobistealth's capabilities included remote microphone activation. Both companies marketed their products for spousal monitoring despite acknowledging potential legal violations, as evidenced by blog posts encouraging users to monitor partners for signs of disloyalty. The breach exposed how such tools capture private moments indiscriminately, regardless of whether customers used them for legal purposes like parental monitoring or illegal surveillance. The hacker criticized the industry for enabling stalking and domestic abuse while maintaining lax security, describing the companies as "hilariously vulnerable." No containment measures or public responses from the affected firms were documented following the incident.