Android spyware maker Retina-X's servers breached twice in two years

News by Jay Jay

Retina-X Studios, maker of several Spyware apps designed to help parents and enterprises keep tabs on children and employees, was hacked again, resulting in the compromise of sensitive data belonging to users.

Retina-X Studios, the maker of several Spyware apps designed to help parents and enterprises keep tabs on children and employees, was hacked for the second time in as many years, resulting in the compromise of sensitive data belonging to users.

TeenShield and PhoneSheriff, two Android apps offered by Retina-X and which help parents monitor activities in devices used by their children such as phone calls, texts, location data and a list of installed apps, were the targets of the attacks, both of which were successful and were conducted by the same hacker.

The hacker wasn't very comfortable with the idea of spyware apps being used to monitor people's activities and saw such apps as a bane on society. Last year, he hacked into Retina X's servers, gained access to sensitive data such as private photos, GPS data, and messages, and wiped some of the servers clean to eliminate data collected by such apps.

Last week, the hacker conducted a second attack on Retina X's servers and again deleted much of the firm's data before reporting his exploits to Motherboard. Even though Retina-X initially denied that it had been hacked, Motherboard confirmed that the firm's servers were indeed hacked.

In an email to SC Magazine UK, Lee Munson, security researcher at, said that considering how sensitive data collected by their apps are, developers of such spyware solutions must take extra precautions to ensure that their servers are free of vulnerabilities and protected from hackers.

“While legitimate uses may include protecting children, and maybe even corporate data, any software that can record keystrokes or access a camera or microphone can be put to bad uses by anyone in control of it. That's why those companies that produce spyware need to be far more adept at protecting their own code, lest it should end up being accessed and manipulated by the wrong type of people.

“Given the software's entire purpose, a hacker can easily leverage it to steal data remotely, from the very people it was supposed to protect. Not only that, many hackers would have no qualms about using any collected sensitive information for identity fraud, extortion or far worse. For that reason, and until or if spyware becomes illegal to use for the average citizen, its use should be thoughtfully considered and its code carefully scrutinised before it ever goes on sale,” he said.

Even though the hacker in question didn't harbour any malicious motives such as selling the data to earn money or posting it on a public platform to shame the company or its customers, it cannot be assumed that the next hacker would be equally harmless. The fact that the firm's servers have been breached repeatedly suggests that it did not take sufficient steps to block future hacking attempts after the first incident took place.

"Putting aside the ethics and uses of spyware, having the software poorly secured could expose sensitive and personal information pertaining to individuals to the wider masses. It is why all software creators should follow good security practices in development to ensure common weaknesses are not left in the product," said Javvad Malik, security advocate at AlienVault in an email to SC Magazine UK.

"Furthermore, companies should invest in threat detection technologies that can raise alerts whenever a potential breach occurs to protect its own, and its customers data," he added.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews