TechCrunch reports that Vietnamese mobile spyware app TheTruthSpy, which has rebranded to PhoneParental, is impacted by a critical security flaw, which could be exploited to facilitate user account hijacking and the subsequent theft of victims' information.Malicious actors could harness the flaw to reset user passwords and take over user accounts for additional illicit activity, according to independent security researcher Swarang Wade, who informed TheTruthSpy's owner about the issue, but to no avail. However, TheTruthSpy Director Van (Vardy) Thieu noted in a statement to TechCrunch that such a vulnerability could not be addressed due to the loss of the app's source code. Additional analysis of PhoneParental conducted by TechCrunch revealed the persistence of source code bugs and unsecured back-end dashboards. Such a development comes after TheTruthSpy was reported to have been impacted by separate data breaches impacting at least 450,000 individuals. Money laundering has also been conducted by TheTruthSpy to circumvent credit card processors' anti-spyware protections.
Application security, Data Security, Privacy

TheTruthSpy spyware app impacted by critical data-exposing issue


Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



