The second coming of the notorious spyware, Spyhide, has met an abrupt and definitive end. Reports reveal that the spyware’s critical back-end server, which had survived the initial shutdown and enabled the app’s continued operation, was recently taken offline by its web hosting provider, Hetzner. This action was prompted by the client’s violation of Hetzner’s terms of service.
Hetzner spokesperson Christian Fitz confirmed, “In addition, we have terminated the customer’s server contract in due time.” With the back-end server being disconnected and the associated website now defunct, it appears that the spyware’s days are truly numbered.
The Spyhide saga first came to light in late July 2023 when a cybersecurity researcher and hacktivist stumbled upon this malicious mobile software. Spyhide, categorized as mobile malware, had the sinister capability to relay real-time information from the compromised device to another, including data on contacts, messages, photos, call logs, recordings, and precise location details. Developed by an Iranian company, this commercial product earned the moniker “spouseware” due to its common use by distrustful partners. Typically, it would be surreptitiously installed on a significant other’s device to monitor their activities, all while remaining concealed on the victim’s mobile phone.
The app reportedly boasted tens of thousands of customers who used it to transmit hundreds of thousands of sensitive data fragments about their spouses, partners, and more. Hacktivists had previously breached Spyhide’s servers and obstructed access to the pilfered data. However, because the app was still present on tens of thousands of devices and maintained communication with its command-and-control (C2) server, its operators managed to rebrand it and carry on with their activities.
Now, with the rebranded version of the app named “Oospy,” the tables have turned. The termination of its back-end server by Hetzner has effectively brought the entire operation to a halt. This move signifies a significant blow to the spyware’s resurgence and serves as a testament to the ongoing efforts to combat such malicious software.
