Using a burner Android device with the microphone sealed and the cameras covered, TechCrunch installed the app and used a network traffic analysis tool to understand what data was going in and out of the device - and was able to confirm Kottmann’s findings. It’s believed the bucket was inadvertently set to public, a common mistake made - often caused by human error - nor was it protected with a password. Kottmann found that the app was exfiltrating the contents of victims’ phones to an Alibaba cloud storage bucket - which was named to suggest that the bucket only stored data collected from Android devices. TechCrunch obtained a copy of the Android app from Till Kottmann, a developer who reverse-engineers apps to understand how they work. ClevGuard’s website, which makes the KidsGuard phone spyware (Image: TechCrunch)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |