It seems that the second coming of Spyhide was short-lived, with the infamous spyware now well and truly done and dusted.
As reported by TechCrunch, the spyware’s back-end server, which survived the initial shutdown intact (and was the reason the app was able to continue working as it did), was taken offline by its web host, Hetzner, earlier this week. Apparently the customer violated their terms of service.
“In addition, we terminated the customer’s server contract in a timely manner,” Christian Fitz, a spokesperson for Hetzner, told TechCrunch.
Spyhide and Oospy
With the back-end being taken offline and the website no longer existing, it looks like the spyware is now well and truly done.
In late July 2023, a cybersecurity researcher and hacktivist discovered Spyhide, a mobile malware that sends real-time information about contacts, messages, photos, call logs and recordings, and detailed location from the endpoint it is installed on to another device. It is a commercial product developed by an Iranian company. Some people also call it wifeware, because it is usually untrustworthy partners who use it, secretly installing it on their partner’s device to monitor what they are doing. The app remains hidden on the victim’s mobile phone.
It reportedly had tens of thousands of customers, who sent hundreds of thousands of sensitive data snippets about their wives, husbands, partners and more. The hacktivists hacked the servers and blocked access to the collected data. However, since the app was still installed on tens of thousands of phones and communicating with the C2 server, the owners could simply rename the app and move on.
Now the revamped app, called Oospy, has lost access to the back-end server thanks to Hetzner’s move, effectively ending the entire operation.