Poland-based Spyware Maker LetMeSpy Ceases Operations Following Data Breach

LetMeSpy, a spyware operation based in Poland, has officially announced its permanent shutdown after suffering a data breach in June that resulted in the loss of its servers, including a significant amount of data stolen from thousands of victims' phones.

In a notice posted on its website, available in both English and Polish, LetMeSpy confirmed the cessation of its spyware services, stating that all operations would come to a halt by the end of August. As part of the shutdown, LetMeSpy has blocked user access, preventing both login attempts and new account sign-ups.

A separate notice on LetMeSpy's former login page, which is now non-functional, affirmed earlier reports that the hacker responsible for breaching the spyware operation also deleted the entirety of its stored data.

"The breach consisted of unauthorized access to the LetMeSpy website’s database, downloading and at the same time deleting data from the website by the author of the attack," the notice disclosed.

LetMeSpy's Android phone monitoring app, designed to remain inconspicuous on a victim's phone home screen, has ceased to function, as revealed by a network traffic analysis conducted by TechCrunch. Additionally, the spyware maker's website no longer offers the spyware app for download.

Previously, LetMeSpy operated as an Android phone monitoring app that could be surreptitiously installed on a victim's device, typically by someone familiar with their phone's passcode. Once implanted, apps like LetMeSpy continuously pilfered the user's messages, call logs, and real-time location data.

Analysis of a database copy obtained by the nonprofit transparency collective DDoSecrets and shared with TechCrunch revealed that LetMeSpy had been responsible for stealing data from over 13,000 compromised Android devices worldwide. Interestingly, LetMeSpy's website, prior to the breach, had claimed to have control over more than 236,000 devices.

The database also contained information indicating that the spyware was developed by a tech company named Radeal, based in Krakow, whose CEO, Rafal Lidwin, did not respond to requests for comment.

LetMeSpy joins a growing list of spyware operations that have shut down in the past year following security incidents that exposed victims' data and revealed the identities of the operators behind them. Spytrac, with over a million user records in its database, was discovered to be operated by Support King, a tech company that federal regulators banned from the surveillance industry in 2021 due to its failure to secure stolen data from its flagship spyware app, SpyFone.

Both Spytrac and Support King ceased operations after being exposed by TechCrunch's investigative reporting.