Herbie boosted this, and I had to take a look at it. Apparently, this covert app hides on your phone, and only the person who installed it has access to it.
You can’t remove it, it is invisible, and you have no way to find it.
The passwords and other info was exfiltrated through an SQL injection, says the article.
Doesn’t this sound like some of what we talked about before with Pegasus and other supposed surveilence apps?
With some fiddling, a researcher was able to get the app to dump roughly 62 thousand passwords. The application is called Catwatchful and it isn’t clear on which operating system this is used in. BTW, it also collected other info and there’s a link that says “trove of sensitive data.”
Provider of covert surveillance app spills passwords for 62,000 users comes from ars technica.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.
Hmph.
Round and round this goes.
So many apps, impossible to secure every one of them.
I don’t have an answer for you.