logo
#

Latest news with #Daigle

Catwatchful: The Android app that secretly stole 62,000 email addresses and passwords
Catwatchful: The Android app that secretly stole 62,000 email addresses and passwords

Indian Express

time04-07-2025

  • Indian Express

Catwatchful: The Android app that secretly stole 62,000 email addresses and passwords

A security vulnerability in a stealthy Android stalkerware named Catwatchful seems to have leaked more than 62,000 user credentials, including that of its administrator. The exploit was first discovered by a Canadian researcher named Eric Daigle, who claims that the leaked data includes email addresses and passwords stored in plain text. This data was used by the spyware's customers to access data stolen from the phones of unsuspecting victims. Catwatchful is a stalkerware for Android devices that disguises itself as a child-monitoring app. It works by uploading the victim's private information like photos, call logs, passwords, real-time location and other information by uploading it to a dashboard that can only be accessed by the person who planted it. What makes it even more dangerous is that Catwatchful can also tap in the live ambient audio using the phone's microphone and even access both front and rear cameras. Unlike most spyware apps for Android, Catwatchful uses its very own infrastructure and also offers a 3-day free trial, which is a rarity for a spyware app. The app developer also says that 'Catwatchful is invisible. It cannot be detected. It cannot be uninstalled. It cannot be stopped. It cannot be closed. Only you access the information it collects.' Unsurprisingly, it is not available on the Play Store and requires users to manually download and install it, which is often referred to as sideloading, which means only someone with physical access to your device will be able to install it. Daigle said he started by making a free trial account on the Catwatchful website, which is when he noticed that the website registered his information in two different locations, one of which was hosted on a domain called When installed, the app requested all sorts of permissions and hid itself as a system app. Also, all of the stolen data was stored in Firebase and accessed via a web control panel. However, the custom backend the app developer was using was vulnerable to a SQL injection attack. Daigle said he used this very flaw to access the service's entire user database, which included email addresses and passwords of people who were using Catwatchful to spy on others, which amounted to more than 62,000. As it turns out, it also included information of devices that were being monitored. According to TechCrunch, the majority of devices that were compromised were located in Mexico, Colombia, India, Peru, Argentina, Ecuador, and Bolivia. The publication says the list is in order of the number of victims. What's even more surprising is that some of these records date back to 2018, which suggests that Catwatchful has been operating and stealing data for at least 7 years.

Catwatchful child monitoring app is actually spyware that leaked user data online — how to stay safe
Catwatchful child monitoring app is actually spyware that leaked user data online — how to stay safe

Tom's Guide

time03-07-2025

  • Tom's Guide

Catwatchful child monitoring app is actually spyware that leaked user data online — how to stay safe

Catwatchful is an app that claims to be a 'child monitoring app' but is, in actuality, a spyware app that acts invisibly on phones to send a victim's data back to a dashboard viewable by the person who downloaded it. Also called 'stalkerware' this app experienced a data breach via a security flaw that exposed both the email addresses and passwords of thousands of customers – and the phone data of thousands of victims. Security researcher Eric Daigle reported in a blog post that a vulnerability revealed the spyware app's full database of email addresses and plaintext passwords for more than 62,000 customers and phone data from 26,000 victims. Additionally, as reported by TechCrunch, the administrator of the Catwatchful operator was also exposed in the breach. The compromised devices were from (in order of victim numbers) Mexico, Colombia, India, Peru and Argentina among others. The Catwatchful app uploads a victim's phone contents to a dashboard, which is viewable by the person who secretly installed the app, which includes a concerning amount of data such as photos, messages, access to front and rear cameras, microphone access and real time location data. This presents an obvious security risk to the victim – stalkerware and spyware apps are non-consensual surveillance apps that are frequently used against domestic and romantic partners in ways that violate laws which is exactly why these types of apps are banned and need to be downloaded by someone who has direct physical access to the phone. Catwatchful is not the first spyware app to suffer a data breach; according to TechCrunch, it's at least the fifth this year – a clear indication that consumer grade spyware offerings are spreading more widely even though what they are offering is 'shoddy codding and security failings that expose both paying customers and unsuspecting victims to data breaches.' Get instant access to breaking news, the hottest reviews, great deals and helpful tips. According to Daigle, the Catwatchful API was unauthenticated which is what allowed anyone on the open internet to interact with the user database without a login; the whole database of email addresses and passwords were exposed. While the API was briefly taken down, it was then back up again. Google is apparently investigating the Firebase involvement but has added protections that enable Google Play Protect to alert users when it detects Catwatchful spyware or its installer on a user's phone. Catwatchful claims it cannot be uninstalled, however, there are still things that can be done. First, as with any spyware or stalkerware, have a safety plan in place. Disabling this type of software can potentially alert the person who installed it in the first place, so always protect yourself first. If you're looking for additional resources, you might want to contact the Coalition Against Stalkerware. Android users who suspect they have Catwatchful installed can dial 543210 on their device's keypad and hit call. If its installed, it should appear on the screen - this code is a backdoor feature to regain access to the settings once the app has been hidden but it also shows if the app is installed, so if you use it you may also ping the person who installed it. Next steps: Make sure Google Play Protect is enabled, and check the permissions sections of your phone. If you don't recognize the apps that have permissions that should be a clear warning sign, particularly accessibility services. Check your Android device's app list and remove anything you didn't approve or don't recognize. Also make sure you have a lock screen enabled and protect your accounts using two-factor authentication whenever possible to prevent anyone from accessing them easily. For added security, the best Android antivirus apps can help provide you with additional protection like a VPN and identity theft protection. Spyware and stalkerware are very real threats that need to be taken extra seriously as they typically aren't installed on your phone by hackers but by someone you know. This breach is certainly concerning for those affected by it but it also serves as a wakeup call and a reminder of the threat posed by these types of apps.

Stealth app Catwatchful caught spying on thousands of phones, leak reveals emails, passwords and its own admin
Stealth app Catwatchful caught spying on thousands of phones, leak reveals emails, passwords and its own admin

India Today

time03-07-2025

  • India Today

Stealth app Catwatchful caught spying on thousands of phones, leak reveals emails, passwords and its own admin

A stealth app called Catwatchful has allegedly been caught in its own trap after a major security flaw exposed sensitive data of both its users and victims. The app, which disguises itself as a child-monitoring tool, has been silently stealing data from thousands of Android phones – including photos, messages, location details, and even live audio from microphones and cameras. But a newly discovered vulnerability has turned the tables. advertisementCanadian security researcher Eric Daigle found that Catwatchful's database was completely exposed online due to a misconfigured, unauthenticated API. This meant that anyone could access sensitive data, including the email addresses and plain-text passwords of over 62,000 customers, along with private phone data from more than 26,000 victims. The majority of affected devices were located in countries like India, Mexico, Colombia, Peru, Argentina, Ecuador, and Bolivia. The exposed data includes records stretching back as early as 2018. In a blog post, Daigle explained that Catwatchful operates by being manually installed on a victim's device by someone with physical access – often a romantic partner or family member – making it a form of stalkerware. Daigle's investigation also revealed that Catwatchful used Google Firebase to host stolen data, like users' photos and real-time audio recordings. Upon being alerted, Google said it had added Catwatchful to its Play Protect tool to warn Android users of the spyware. advertisementThe breach didn't just expose victims, it also revealed the identity of Catwatchful's operator. The developer behind the spyware was identified as Omar Soca Charcov, a software engineer residing in Uruguay, according to a report by TechCrunch. Charcov's details, including his personal email, phone number, and even the Firebase web address used to store stolen data, were found in the database. Charcov's LinkedIn profile used the same email address found in the spyware data, as per the report. He reportedly also linked his personal email account to the administrator account for Catwatchful, making it easy to trace him as the operator. Following the discovery, Daigle informed the hosting provider for Catwatchful's API, which briefly suspended the spyware's services. However, the API later returned via HostGator. Google is apparently reviewing whether Catwatchful violated its Firebase terms, but at the time of writing the story, the app's database remains online.- Ends

Local pickleballers fare well at 55+ Games, funding at risk
Local pickleballers fare well at 55+ Games, funding at risk

Hamilton Spectator

time16-06-2025

  • Sport
  • Hamilton Spectator

Local pickleballers fare well at 55+ Games, funding at risk

From June 3–5, well over 1,000 senior athletes converged on Steinbach to participate in the 2025 Manitoba 55+ Games. At least three residents from Ritchot and Niverville emerged with medals thanks to their dedication to and love of pickleball. Taking silver were Neal Hastings of St. Adolphe, as well as Perry Daigle of St. Pierre-Jolys. Also from St. Adolphe was Gerard Gill, who walked away with a bronze medal. Daigle and Gill are regulars to Niverville's CRRC daytime pickleball programming. The senior men's pickleball competition took place on the morning of June 5. Hastings and Bradford Neal Hastings and his partner Ken Bradford of St. Andrews were registered in the 60–64 age group of the 4.0 category. In the Manitoba Games, this is the highest category in which one can register. The duo walked away with a silver after five round robin and two playoff games. As impressive as the second-place finish is, though, Hastings says it wasn't his personal best. 'I won a gold medal in Halifax in the men's 60+ [category] last year,' says Neal. 'I've won a few gold medals in provincial tournaments over the years, so I kind of hoped I'd do better.' Hastings has played with a variety of different partners in men's pickleball competitions, as well as partnering with his wife when he plays in the mixed category. Together, the husband-wife team took gold medals at the 2022 and 2024 Manitoba Games and silver medals in 2023 and 2025. The pair first became interested in the sport four years ago and they haven't looked back since. As winter snowbirds, they play numerous times per week in warmer climes. When back on home turf, Hastings plays with a group of friends at the Dakota Community Centre. Hastings is also involved in the organization of the Pickleball Canada National Championships, which is coming to Winnipeg this year. Already, he says, more than 700 people are registered to play at the Taylor Tennis Centre, where 32 courts will be set up for the event. Why is pickleball such a growing phenomenon within the senior community? Hastings says there are a number of factors. 'It's physical fitness, it's a whole bunch of laughs, and it's getting together with [friends] three times a week and just having a good time.' Daigle and Poirier Competing in the 60–64 age bracket at a 3.0 level was Perry Daigle and his partner Ron Poirier, staff sergeant of the St. Pierre-Jolys RCMP department. For Daigle, the Manitoba Games were a completely new experience, having only played a number of lowkey tournaments in Niverville prior. 'The facilities [in Steinbach] were wonderful,' Daigle says. 'They had nine courts in the new arena. I'd never made it to the finals anywhere before, so [it was interesting that] they had a referee monitoring the [lines] and the score.' For Daigle and Poirier, the gold medal was well within reach as they played a nip-and-tuck closing game. Leading their opponents with a score of 11–10, the opposition jumped ahead in the end to nab the win. Daigle joined the pickleball craze only two years ago. He admits that he draws on his ping pong skill from decades earlier. Court dimensions, he believes, is one of the reasons that pickleball captures the interest of senior citizens. 'It's the size of the court and the number of people,' Daigle says. 'You have only a little bit of real estate to look after, which is doable for people our age.' Gill and Gerylo Partners Gerard Gill and Gary Gerylo played in the 65–69 age group at a level of 3.0. The games in Steinbach qualified as Gill's second time in the Manitoba competition. Until recently, Gill's sport of preference was badminton, in which he has competed on a national level, including at the U.S. national seniors games, which boasts itself as the largest seniors multisport event in the world. For Gill, pickleball felt like a natural transition from there. 'The switch to pickleball was necessitated by my shoulder,' Gill says. 'All those overhead strokes in badminton and my shoulder said, 'That's enough!' So I took up pickleball.' While competition is in his blood, he admits that, these days, entering events like the Manitoba Games is mostly about meeting like-minded people and having fun. 'I thought [the Steinbach Games] were really well run,' Gill says. 'The times were accurate and it flowed really well. I hadn't been in that Southeast Event Centre before and it's gorgeous.' The Seniors Games The Manitoba 55+ Games take place every other year, in odd years. Winners of the provincial competitions can move on to the Canada 55+ Games, held in even years. Steinbach played host to the Manitoba Games twice before, in 1993 and 2011. Unfortunately for the winners of the 2025 provincial games, there will be no Canada 55+ games in 2026. According to the Canadian Senior Games Association (CSGA), next year's nationals, which were scheduled to take place in Winnipeg, have been postponed to 2028 due to funding challenges and rapid growth in participation. 'This is such an unfortunate situation where we have a national event that encourages so many seniors to stay both physically and mentally active, and yet, despite constant door knocking, emails, and grant applications, we can't find the funding to support it,' says CSGA President Dave Finn. Supporters and participants are encouraged to contact their local members of Parliament to encourage government funding that ensures the long-term success of the national games. Error! Sorry, there was an error processing your request. There was a problem with the recaptcha. Please try again. You may unsubscribe at any time. By signing up, you agree to our terms of use and privacy policy . This site is protected by reCAPTCHA and the Google privacy policy and terms of service apply. Want more of the latest from us? Sign up for more at our newsletter page .

Catholic priest dies after falling ill during mass in Iberville Parish
Catholic priest dies after falling ill during mass in Iberville Parish

Yahoo

time09-06-2025

  • General
  • Yahoo

Catholic priest dies after falling ill during mass in Iberville Parish

BATON ROUGE, La. (Louisiana First) — Catholics in the Baton Rouge area are mourning the death of a pastor. Father Greg Daigle, 66 of St. John the Evangelist in Plaquemine died on Sunday, June 8. The Catholic Diocese of Baton Rouge announced his passing in a social media post. According to a post by St. John the Evangelist, Father Daigle fell ill during the 9 a.m. mass and was taken to a hospital. Despite their best efforts, the pastor passed away. Father Michael Alello, Pastor at St. Aloysius Catholic Church, said online that he was 'heartbroken.' Along with being pastor at St. John the Evangelist, the Diocese of Baton Rouge noted that Father Daigle had many roles over the years including pastor at Immaculate Conception in Lakeland and Parochial Vicar at multiple churches. There are currently no details about funeral services for Father Daigle. Pope Leo XIV appoints sixth bishop for Houma-Thibodaux area Catholic priest dies after falling ill during mass in Iberville Parish Will Chrysler's next 100 years be electrified? What to know about Trump's deployment of National Guard troops Reporter hit as LA officers fire rubber bullets at protesters Hamlin gets 3rd 2025 win at Michigan Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store