Phone Surveillance Apps Shut Down

A group of three phone surveillance apps that were involved in spying on millions of people’s phones has been taken offline.

Cocospy, Spyic, and Spyzie were three near-identical stalkerware apps, each with different branding, which allowed individuals who installed the apps on a target’s phone to access their personal data, including messages, photos, call logs, and real-time location data, often without the target’s knowledge or consent.

How Stalkerware Apps Operate

Stalkerware apps like Cocospy and its variants are designed to remain hidden from device home screens, making them difficult for victims to detect, while continuously providing access to the phone’s contents to the person who installed the app.

In February, a security researcher informed TechCrunch about a security flaw in these apps that allowed unauthorized access to the personal data of any device with one of the apps installed. This flaw also exposed the scale of the spying operations by revealing the email addresses of all users who signed up to use these spyware services.

Exposure and Takedown

The researcher exploited the bug to collect 3.2 million email addresses of Cocospy, Spyic, and Spyzie customers, which were then provided to the data breach notification site Have I Been Pwned.

Following TechCrunch’s reporting on the breach, the stalkerware apps ceased to function, their websites were taken down, and their Amazon-hosted cloud storage, which contained victims’ data, was deleted.

The reason behind the shutdown of these stalkerware operations is not clear, as the operators could not be reached for comment.

Precedents and Legal Implications

It is not uncommon for consumer-grade phone surveillance operations to shut down or rebrand after being hacked or suffering a data breach, often in an attempt to avoid legal and reputational consequences. Previous examples include LetMeSpy, which confirmed its permanent shutdown in August 2023 after a data breach, and U.S.-based spyware maker pcTattletale, which went out of business and shut down in May 2024 following a hack.

Conclusion and Advice

Cocospy, Spyic, and Spyzie are among the latest in a series of phone surveillance operations that have been compromised or exposed their victims’ data due to poor security practices. At least 25 stalkerware operations have been breached since 2017, with at least 10 shutting down after a breach.

Phone-monitoring apps, often marketed as parental control or tracking software, can be used for spying on spouses or partners without consent, which is illegal. As a result, these apps are banned from app stores and cannot advertise on search engines.

Although the Cocospy apps are no longer operational, individuals who may have been affected should still take steps to remove the spyware from their phones. To detect and remove Cocospy, Spyic, and Spyzie on an Android phone, users can dial ✱✱001✱✱ on their phone app’s keypad and press the “call” button to prompt the hidden stalkerware apps to appear on-screen, if installed.

After detection, the malicious app, which appears as a generic “System Service” app, can be deleted from the device.

—

If you or someone you know needs help, the National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence. In emergency situations, call 911. The Coalition Against Stalkerware offers resources for those who suspect their phone has been compromised by spyware.