We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Spyhide Spyware App Compromised 60,000 Android Devices

Spyhide Spyware App Compromised 60,000 Android Devices
Author Image Keira Waddell
Keira Waddell Published on 28th July 2023 Senior Writer

Spyhide, an Android spyware app developed in Iran, has silently collected private phone data from tens of thousands of Android devices worldwide. Operating as stalkerware, it discreetly installs on victims' phones, remaining hidden on the home screen to avoid detection and removal. Once installed, Spyhide uploads messages, contacts, photos, recordings, call logs, and real-time location data.

The exposure of Spyhide's development environment came to light when a hacker known as maia arson crimew accessed the source code of a web-based dashboard used by abusers to view pilfered data. Crimew managed to access the back-end databases, providing valuable insights into the spyware operation and its suspected administrators.

Detailed records of about 60,000 compromised Android devices from 2016 until mid-July 2023 were discovered. TechCrunch's analysis showed that Spyhide's surveillance network spans every continent, including clusters of victims in Europe and Brazil and over 3,100 compromised devices in the US.

Within the compromised data, there were approximately 3.29 million text messages, some containing sensitive security information such as two-factor authentication codes and password reset links. It also encompassed over 1.2 million call logs, disclosing the phone numbers of the receiver, the duration of the calls, and around 312,000 call recordings. Disturbingly, the records also encompassed details of approximately 6,000 ambient recordings captured through the victims' phone microphones.

Stalkerware apps, such as Spyhide, are not uncommon, but they often come with flaws that inadvertently expose victims' stolen data. A recent incident involved the LetMeSpy app, which experienced a security breach last month.

Users are advised to check for hidden spyware apps via the apps menu within their phone settings. Spyhide disguises itself as a Google-themed app named "Google Settings," complete with a cog icon, or as a ringtone app titled "T.Ringtone," featuring a musical note icon. Enabling Google Play Protect can also provide some protection against malicious Android apps.

The discovery of Spyhide underscores the ongoing concern surrounding stalkerware and emphasizes the significance of safeguarding against unauthorized surveillance on Android devices. Users are encouraged to remain vigilant and adopt preventive measures to protect their privacy and personal data from malicious applications.

About the Author

Keira is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.