Spyware on Hacked Phones Has Been Disabled Once More

Oospy, a spyware operation that appeared earlier this year after its predecessor Spyhide was compromised, is no longer active and has closed down.

Spyware on Hacked Phones Has Been Disabled Once More
Spyware on Hacked Phones Has Been Disabled Once More

Spyware on Hacked Phones Has Been Disabled Once More

Oospy emerged on the internet in late July as a new version of Spyhide, a phone monitoring app. Spyhide had been used to surveil tens of thousands of Android device users globally. Following a breach that exposed the operation and its profit-seeking administrators, Spyhide ceased its activities.

After the hack exposed Spyhide, the website vanished from the internet. However, the spyware’s back-end server remained active and continued to communicate with the tens of thousands of phones it was monitoring because it was hosted on a different domain. This enabled the administrators to rename Spyhide as Oospy without disrupting the spyware operation.

The web host Hetzner shut down the back-end server, which held stolen phone data from thousands of Android devices worldwide, on Thursday. Hetzner cited a violation of its terms of service as the reason for taking this action.

Oopsy’s Administrators Denies Ever Having Hand 

Christian Fitz, a spokesperson for Hetzner, stated, “We have also canceled the customer’s server contract as per our policy,” in response to inquiries.

During their existence on the internet, Spyhide and Oospy targeted over 60,000 victims worldwide, including thousands in the United States. These stalkerware, also known as spouseware, are typically installed on a victim’s phone, often by someone who knows their passcode. Once installed, these apps consistently gather a victim’s contacts, messages, photos, call logs, recordings, and detailed location history.

After the Spyhide hack, journalists uncovered the identities of two administrators associated with Spyhide and Oospy. One of these administrators, Mohammad (also known as Mojtaba) Arasteh, admitted to having worked on the project “several years ago as a programmer.” However, he denied any connection with Oospy.

A slip-up on Oospy’s checkout page, which utilized PayPal for processing payments, revealed the name of the PayPal account holder, who happened to have the same family name as Arasteh.

Spyware operations often use payment services like PayPal to process customer payments, even though PayPal’s policies generally forbid the use of its service for purchasing or selling software that enables illegal activities, such as spyware. When contacted by some interviewers, PayPal spokesperson Caitlin Girouard did not provide any comments regarding the accounts.

Oospy ceased accepting PayPal payments shortly thereafter, although it remains uncertain whether PayPal took any action against the account.

Arasteh declined to comment on the PayPal account when approached by interviewers. Shortly after this contact, Oospy’s website went offline completely.

Closure of Spywares Backend Mean Ceasing of Spyhide and Oopsys operation

The closure of the spyware’s back-end server signifies the current cessation of Spyhide and Oospy’s operational capabilities.

Oospy and Spyhide are the most recent phone surveillance operations to vanish from the internet in recent months. LetMeSpy, a stalkerware of Polish origin, ceased its activities after a data breach in June. Additionally, last year, one of the most extensive Android spyware applications known as SpyTrac disappeared following an investigation that linked the spyware operation to Support King. The FTC had banned Support King from the surveillance industry due to a prior data breach.

Frequently Asked Questions

Has Spyware on Hacked Phones Been Disabled Again?

Yes, spyware on hacked phones has been disabled once more.

What is Spyware on Hacked Phones?

Spyware on hacked phones is malicious software that allows unauthorized access to a person’s smartphone, enabling the monitoring of their activities without their knowledge or consent.

Why Was the Spyware Disabled?

The spyware was disabled because it violated the terms of service of the web hosting provider, prompting them to take action.

How Many Phones Were Affected?

Tens of thousands of phones around the world were impacted by this spyware.

Check These Out


Please enter your comment!
Please enter your name here