{“lastseen”:”2025-09-29T14:48:33″,”description”:”We’ve covered spyware and stalkerware leaks many times before, but we don’t often see such exposure in software used by law enforcement.\\n\\nAccording to a report by Straight Arrow News (SAN), the hacker \u201cwikkid\u201d said the intrusion against RemoteCOM was \u201cone of the easiest\u201d they\u2019d ever carried out. \\n\\nRemoteCOM describes itself as \u201cthe premier computer, smartphone and tablet monitoring service for the management of pretrial, probation and parole clients\\”. According to a leaked training manual, its software, sold as \\”SCOUT\\”, says it can be used to track targets ranging from sex offenders, sex traffickers, and stalkers to terrorists, hackers, and gang members.\\n\\nBehind its official branding, SCOUT behaves like spyware: it records keystrokes, captures screenshots, and even sends out an alert if the tracked person types certain keywords.\\n\\nThe hacker accessed two key files: \u201cofficers\u201d (6,896 entries), containing the names, phone numbers, work addresses, email addresses, unique IDs, and job titles of people working in the criminal justice system who have used RemoteCOM\u2019s services, and \u201cclients\u201d (around 14,000 entries), covering individuals currently or previously monitored by SCOUT; listing names, email addresses, IP addresses, home addresses, and phone numbers, alongside the names and emails of their probation officers. \\n\\nThe files also contained details of the offenses clients were charged with, ranging from sex offenses, weapons, and narcotics cases to terrorism, stalking, domestic violence, sex trafficking, fraud, violence, and hacking.\\n\\n_Image courtesy of SAN_\\n\\nThis type of data leak can be dangerous for both sides of the app. Clients tagged with the keyword \\”sex\\” are not necessarily convicted sex offenders\u2014they could be suspects under surveillance or have not yet been to trial\u2014but that distinction might not stop any vigilantes out there.\\n\\nFor officers, the leak of names, contact details, and workplaces could expose them and their families to threats of violence. One officer even had the app installed on the phones of their sister-in-law and fianc\u00e9, making the breach especially personal.\\n\\nSpeaking to SAN, a spokesperson for RemoteCOM said:\\n\\n\\u003e \u201cWe are assessing the situation currently along with your article that you posted.\u201d\\n\\n## **Protecting yourself after a data breach**\\n\\nThere are some actions you can take if you are, or suspect you may have been, the victim of a data breach.\\n\\n * **Check the vendor\u2019s advice.** Every breach is different, so check with the vendor to find out what\u2019s happened and follow any specific advice it offers.\\n * **Change your password.** You can make a stolen password useless to thieves by changing it. Choose a strong password that you don\u2019t use for anything else. Better yet, let a password manager choose one for you.\\n * **Enable ****two-factor authentication (2FA****).** If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of 2FA can be phished just as easily as a password, but 2FA that relies on a FIDO2 device can\u2019t be phished.\\n * **Watch out for fake vendors.** The thieves may contact you posing as the vendor. Check the company\u2019s website to see if it\u2019s contacting victims and verify the identity of anyone who contacts you using a different communication channel.\\n * **Take your time.** Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.\\n * **Consider not storing your card details**. It\u2019s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.\\n * **Set up ****identity monitoring** , which alerts you if your personal information is found being traded illegally online and helps you recover after.\\n\\n\\n\\n* * *\\n\\n**We don ‘t just report on threats – we help safeguard your entire digital identity**\\n\\nCybersecurity risks should never spread beyond a headline. Protect your\u2014and your family’s\u2014personal information by using identity protection.”,”published”:”2025-09-29T14:27:02″,”modified”:”2025-09-29T14:27:02″,”type”:”malwarebytes”,”title”:”Sex offenders, terrorists, drug dealers, exposed in spyware breach”,”source”:””,”references”:””,”id”:”MALWAREBYTES:FCA0296FEB7FC731288D5F72A7884094″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2025\/09\/sex-offenders-terrorists-drug-dealers-exposed-in-spyware-breach”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-09-29T14:48:33″,”description”:”We’ve covered spyware and stalkerware leaks many times before, but we don’t often see such exposure in software used by law enforcement.\\n\\nAccording to a report…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-19520","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n