Amazon is drawing fire for hosting data from the Cocospy, Spyic, and Spyzie apps weeks after being notified of the problem, as the spyware firms continue to upload sensitive phone data of 3.1 million users to Amazon Web Services (AWS) servers.
Last month on February 20, threat analysts at TechCrunch, an American global news outlet, notified Amazon of the stalkerware-hosted data, including exact storage bucket information where the stolen data from victims’ phones was stored. However, as of mid-March, no firm steps have been taken to disable the hosting servers.
In response, AWS thanked TechCrunch for the tip and sent a link to its abuse report form.
In response to this statement, Ryan, the AWS spokesperson stated, “AWS responded by requesting specific technical evidence through its abuse reporting form to investigate the claims. TechCrunch declined to provide this evidence or submit an abuse report.”
The Android apps Cocospy, Spyic, and Spyzie share identical source code and a security vulnerability that can be easily exploited. The flaw abuses poorly secured servers used by the
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: