Another day, another data breach – This time it is Retina-X Studios, a well know spyware developing firm.
There are different types of hackers, some hack for profit while some hack for good and then there are hacktivists who do it for the cause. Recently a hacktivist has dropped a bombshell on a spyware manufacturer Retina-X Studios by hacking its system and deleting data from its cloud server.
Retina-X Studios is a United States-based firm in Jacksonville, Florida known for developing computer and smartphone monitoring software and applications for parental and work purposes. However, the company suffered a security breach in April 2017 revealing that Retina’s software are also used to spy on customers to keep an eye on their partners without their consent which is unlawful.
Now, according to Motherboard, Retina-X has once again suffered a data breach in which a hacker going by the online handle of Precise Buffalo on Mastodon server has targeted Retina-X and completely erased 1 terabyte of data from its cloud server including photos customers stole from unsuspecting users including kids who installed Retina-X’s Phonesheriff application on their smartphone.
Screenshot of Pastebin post published by the hacker
Remember, last year, the company had denied it suffered any data breach therefore to prove the legitimacy of their attack the hacker provided concrete evidence of their hack to Motherboard who tested the evidence and confirmed that Retina-X has indeed been hacked.
Motherboard tested the evidence by creating an account on Retina-X’s PhoneSheriff spyware and then taking two photos of their shoes. The hacker not only sent the same photos back to Motherboard but also confirmed the email address they used in signing up.
Screenshot of the account created by Motherboard
“None of this should be online at all. “Aside from the technical flaws, I really find this category of software disturbing. In the US, it’s mainly targeted to parents,” the hacker said, explaining his motivations for going after Retina-X. “Edward Snowden has said that privacy is what gives you the ability to share with the world who you are on your own terms, and to protect for yourself the parts of you that you’re still experimenting with. I don’t want to live in a world where younger generations grow up without that right,” said the hacker.
This is not the first time when a spyware developer has been hacked. Previously mSpy was compromised when a hacker stole personal data of 400,000 users and leaked it online. Last year, Israeli smartphone hacking firm Cellebrite also suffered a data breach in which 900 GB of data was stolen and leaked online. The leaked Cellebrite data also exposed in-house hacking capabilities.
