Android 'Safety' App Was Actually Spying on People for Years
Catwatchful, an Android app designed to run in stealth mode, was pitched as a way for parents to monitor their children, TechCrunch reported. But the app, which operated outside of the Google Play store, went far beyond basic tracking. It quietly uploaded everything from text messages and photos to real-time location data and ambient audio, all without the victim's knowledge.
A recently discovered security flaw exposed the app's entire customer database, including more than 62,000 email addresses and passwords used by those who installed the spyware. The breach also revealed stolen data from 26,000 victim devices, many located in Mexico, Colombia, India, and other countries in Latin America and South Asia.
Catwatchful relied on physical access to install, allowing it to bypass app store scrutiny. Once active, it was virtually invisible to the user, with a hidden backdoor code to bring it up only when prompted. The app also tapped into device microphones and cameras, pushing the limits of what 'monitoring' software should be allowed to do.
And while the app's victims never saw it coming, the breach also compromised the operation's creator. The database exposed the identity of the developer behind the spyware, linking him directly to the stolen data and Firebase servers hosting it. Attempts to reach him have gone unanswered.
Google, alerted to the breach, said it has added new protections to detect Catwatchful with Play Protect, its built-in Android security scanner. But as of now, the app's backend remains active.
Catwatchful is just the latest in a troubling trend.
Several stalkerware tools have leaked or been hacked this year, reinforcing how insecure and invasive these apps truly are. While marketed as parenting tools, many of them enable covert surveillance in relationships or workplaces, crossing legal and ethical lines.
Android users can check for Catwatchful by dialing 543210 into the phone app. If it appears, it's installed, and it's time to remove it.
In a tech-driven world, the promise of safety often comes with a hidden cost. With Catwatchful exposed, it's clear that in the age of smartphones, the line between protection and intrusion isn't always where you think it is.Android 'Safety' App Was Actually Spying on People for Years first appeared on Men's Journal on Jul 3, 2025
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
14 minutes ago
- Yahoo
Meta Clashes With Apple, Google Over Age Check Legislation
(Bloomberg) -- The biggest tech companies are warring over who's responsible for children's safety online, with billions of dollars in fines on the line as states rapidly pass conflicting laws requiring companies to verify users' ages. Trump Awards $1.26 Billion Contract to Build Biggest Immigrant Detention Center in US The High Costs of Trump's 'Big Beautiful' New Car Loan Deduction Can This Bridge Ease the Troubled US-Canadian Relationship? Salt Lake City Turns Winter Olympic Bid Into Statewide Bond Boom Trump Administration Sues NYC Over Sanctuary City Policy The struggle has pitted Meta Platforms Inc. and other app developers against Apple Inc. and Alphabet Inc.'s Google, the world's largest app stores. Lobbyists for both sides are moving from state to state, working to water down or redirect the legislation to minimize their clients' risks. This year alone, at least three states — Utah, Texas and Louisiana — passed legislation requiring tech companies to authenticate users' ages, secure parental consent for anyone under 18 and ensure minors are protected from potentially harmful digital experiences. Now, lobbyists for all three companies are flooding into South Carolina and Ohio, the next possible states to consider such legislation. The debate has taken on new importance after the Supreme Court this summer ruled age verification laws are constitutional in some instances. A tech group on Wednesday petitioned the Supreme Court to block a social media age verification law in Mississippi, teeing up a highly consequential decision in the next few weeks. Child advocates say holding tech companies responsible for verifying the ages of their users is key to creating a safer online experience for minors. Parents and advocates have alleged the social media platforms funnel children into unsafe and toxic online spaces, exposing young people to harmful content about self harm, eating disorders, drug abuse and more. Blame Game Meta supporters argue the app stores should be responsible for figuring out whether minors are accessing inappropriate content, comparing the app store to a liquor store that checks patrons' IDs. Apple and Google, meanwhile, argue age verification laws violate children's privacy and argue the individual apps are better-positioned to do age checks. Apple said it's more accurate to describe the app store as a mall and Meta as the liquor store. The three new state laws put the responsibility on app stores, signaling Meta's arguments are gaining traction. The company lobbied in support of the Utah and Louisiana laws putting the onus on Apple and Google for tracking their users' ages. Similar Meta-backed proposals have been introduced in 20 states. Federal legislation proposed by Republican Senator Mike Lee of Utah would hold the app stores accountable for verifying users' ages. Still, Meta's track record in its state campaigns is mixed. At least eight states have passed laws since 2024 forcing social media platforms to verify users' ages and protect minors online. Apple and Google have mobilized dozens of lobbyists across those states to argue that Meta is shirking responsibility for protecting children. 'We see the legislation being pushed by Meta as an effort to offload their own responsibilities to keep kids safe,' said Google spokesperson Danielle Cohen. 'These proposals introduce new risks to the privacy of minors, without actually addressing the harms that are inspiring lawmakers to act.' Meta spokesperson Rachel Holland countered that the company is supporting the approach favored by parents who want to keep their children safe online. 'Parents want a one-stop-shop to oversee their teen's online lives and 80% of American parents and bipartisan lawmakers across 20 states and the federal government agree that app stores are best positioned to provide this,' Holland said. As the regulation patchwork continues to take shape, the companies have each taken voluntary steps to protect children online. Meta has implemented new protections to restrict teens from accessing 'sensitive' content, like posts related to suicide, self-harm and eating disorders. Apple created 'Child Accounts,' which give parents more control over their children's' online activity. At Apple, spokesperson Peter Ajemian said it 'soon will release our new age assurance feature that empowers parents to share their child's age range with apps without disclosing sensitive information.' Splintered Groups As the lobbying battle over age verification heats up, influential big tech groups are splintering and new ones emerging. Meta last year left Chamber of Progress, a liberal-leaning tech group that counts Apple and Google as members. Since then, the chamber, which is led by a former Google lobbyist and brands itself as the Democratic-aligned voice for the tech industry, has grown more aggressive in its advocacy against all age verification bills. 'I understand the temptation within a company to try to redirect policymakers towards the company's rivals, but ultimately most legislators don't want to intervene in a squabble between big tech giants,' said Chamber of Progress CEO Adam Kovacevich. Meta tried unsuccessfully to convince another major tech trade group, the Computer & Communications Industry Association, to stop working against bills Meta supports, two people familiar with the dynamics said. Meta, a CCIA member, acknowledged it doesn't always agree with the association. Meta is also still a member of NetChoice, which opposes all age verification laws no matter who's responsible. The group currently has 10 active lawsuits on the matter, including battling some of Meta's preferred laws. The disagreements have prompted some of the companies to form entirely new lobbying outfits. Meta in April teamed up with Spotify Technology SA and Match Group Inc. to launch a coalition aimed at taking on Apple and Google, including over the issue of age verification. Competing Campaigns Meta is also helping to fund the Digital Childhood Alliance, a coalition of conservative groups leading efforts to pass app-store age verification, according to three people familiar with the funding. Neither the Digital Childhood Alliance nor Meta responded directly to questions about whether Meta is funding the group. But Meta said it has collaborated with Digital Childhood Alliance. The group's executive director, Casey Stefanski, said it includes more than 100 organizations and child safety advocates who are pushing for more legislation that puts responsibility on the app stores. Stefanski said the Digital Childhood Alliance has met with Google 'several times' to share their concerns about the app store in recent months. The App Association, a group backed by Apple, has been running ads in Texas, Alabama, Louisiana and Ohio arguing that the app store age verification bills are backed by porn websites and companies. The adult entertainment industry's main lobby said it is not pushing for the bills; pornography is mostly banned from app stores. 'This one-size fits all approach is built to solve problems social media platforms have with their systems while making our members, small tech companies and app developers, collateral damage,' said App Association spokesperson Jack Fleming. In South Carolina and Ohio, there are competing proposals placing different levels of responsibility on the app stores and developers. That could end with more stringent legislation that makes neither side happy. 'When big tech acts as a monolith, that's when things die,' said Joel Thayer, a supporter of the app store age verification bills. 'But when they start breaking up that concentration of influence, all the sudden good things start happening because the reality is, these guys are just a hair's breath away from eating each other alive.' (Updates with App Association statement in 24th paragraph.) Burning Man Is Burning Through Cash Confessions of a Laptop Farmer: How an American Helped North Korea's Wild Remote Worker Scheme It's Not Just Tokyo and Kyoto: Tourists Descend on Rural Japan Elon Musk's Empire Is Creaking Under the Strain of Elon Musk A Rebel Army Is Building a Rare-Earth Empire on China's Border ©2025 Bloomberg L.P. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Android Authority
15 minutes ago
- Android Authority
Google Maps crashes keeping you from planning a route home? You're far from alone
Andy Walker / Android Authority TL;DR Google Maps is crashing for some users when attempting to get transit directions. Other transportation methods do not appear to be affected. Not everyone on the same version of the app is experiencing the problem, though, and we've reached out to Google for more information. Modern navigation software is superior to paper maps for more reasons than we can count, and one great example is how well they can integrate with mass transit systems. Instead of driving, biking, or walking everywhere, apps like Google Maps make it a snap to plan trips that also incorporate segments where we're riding a bus or boarding a train — even with awareness of departure timetables. That's great when it's working. Right now, though, it isn't. Earlier today, reports started circulating over on Reddit's Google Maps sub about a problem with transit instructions, summarized in a post by user XenonOxide. About a dozen Pixel users chime in to respond with reports of their own, and everyone who's getting this seems to be having the same problem. For affected users, you're able to search for destinations and generate most types of navigation instructions just fine, but the moment you tap on public transit, Maps crashes. Android Police was able to recreate this effect, and confirms what users experienced while testing on version 25.30.00.785163646 of the Maps app. We attempted to also verify on our own phones, but even after updating Maps 25.29.00.782600971 to this newer release, we're still able to access navigation instructions without causing a crash. Why this is affecting some users and not others, we can't yet say, but reports in the Reddit thread show that crashes still appear to be taking place within the past hour, making it look like Google has yet to resolve the underlying issue. In fact, we don't see a mention of any problem at all on the company's Maps status page, so it may not even be widespread enough to be on the radar. We've reached out to Google to both try to find out if the company is aware of these crashes, and to see if there are any steps users experiencing them can take in order to get Maps working again.
CNET
15 minutes ago
- CNET
Cricket Wireless Debuts New Prepaid Plans Starting at $35
Cricket Wireless has revamped its prepaid plans to trim prices and offer more perks, including hotspot data and bundled extras like streaming services. Cricket, owned by AT&T, competes with prepaid providers from other carriers like Verizon's Visible, T-Mobile's Mint Mobile and Dish's Boost Mobile. Cricket has trimmed its offerings down to four plans (from five) and dropped prices on all of them. Cricket's cheapest plan, called Sensible 10GB, is still $30 per month if set up with autopay (or $35 normally) and offers 5G service with 10GB of monthly data (up from 5GB previously), with speeds dropping down to 128 Kbps thereafter. As a basic plan, there's no option to add fancier options like hotspot data, cloud storage or a bundled streaming service, nor can it be used in Mexico and Canada like pricier plans. The mobile company's cheapest unlimited 5G plan, Select Unlimited, is $35 per month with autopay (or $40 normally), a $5 savings from its earlier plan. While it also lacks extras, hotspot data can be added on. This is the presumed family value plan, as four lines can be included for $100 a month. Those that do want extras can pick the 5G Smart Unlimited plan for $45 per month with autopay (or $50 normally), which is a bigger upgrade on the older version of the same plan; not only is it $10 cheaper per month, but it offers 15GB of hotspot data and 100Gb of cloud storage (up from 2GB). This plan can be used in Mexico and Canada, with texting available from the US to friends in over 200 countries and territories. The middle plans, Select Unlimited and Smart Unlimited, both come with the caveat that Cricket may temporarily slow down data speeds if the network is busy. Cricket's priciest unlimited 5G plan, Supreme Unlimited, is $55 with autopay per month (or $60 normally), which is $5 cheaper than the previous version. It's intended for mobile power users with 50GB of hotspot data (up from 15GB previously), 150GB of cloud storage and HBO Max Basic with Ads, along with usage in Mexico and Canada as well as texting to friends internationally. Note that all of Cricket's plans have video streaming in SD (around 480p), below the HD (1080p) that's standard on most other plans. All of Cricket's new plans include taxes and fees in the monthly price. Carriers such as T-Mobile have begun to split those out, which end up as additional charges on customers' monthly bills. Cricket's price drops follow similar moves made by the prepaid mobile providers from other carriers. Back in April, Verizon's Visible added a new $45-per-month higher-tier plan with 4K video streaming and international travel service. A year ago, Boost Mobile emerged from its transition to new ownership under Dish Network with refreshed offerings including a $25 monthly plan as its new cheapest option.
