\nIf an app markets itself as being for \u201cchild monitoring\u201d, a customer might expect that their data and those of the person you\u2019re monitoring is handled with the utmost care and respect. However, as we’ve seen many times before, stalkerware (which is what monitoring software is known as) apps have a tendency to be low quality and lack security. <\/p>\n
Stalkerware refers to apps and other monitoring software that enable someone to secretly spy on another person\u2019s private life via their mobile device or computer. Many stalkerware apps market themselves as parental monitoring tools, but they can be\u2014and often are\u2014used to stalk and spy on a person. Sadly, the most common users of stalkerware are domestic violence abusers, who load these programs onto their partner\u2019s device without their knowledge.<\/p>\n
To prove our point about lacking security, researcher Eric Daigle found that an Android app called Catwatchful has exposed the data of thousands of its customers, along with its administrator. <\/p>\n
Catwatchful claims it is \u201cinvisible and cannot be detected\u201d, and uploads the victim’s photos, messages, and real-time location data to a dashboard for the person monitoring to see. It also can remotely tap into audio recorded by the phone’s microphone, as well as access both front and rear phone cameras.<\/p>\n
Make no mistake, this is nasty stuff.<\/p>\n
And now it turns out that the data hasn’t been stored securely. The exposed database, which the researcher shared with TechCrunch, contained the phone data from 26,000 victims\u2019 devices as well as the email addresses and plain text passwords of more than 62,000 customers.<\/p>\n
Stalkerware apps continue to pose a serious threat to privacy and security. Over the past years, several cases have revealed how these apps not only violate victims\u2019 privacy but also expose sensitive data due to poor security practices. Recent leaks revealed that apps like Spyzie, Cocospy, and Spyic exposed millions of victims\u2019 private information, including messages, photos, and locations. The attackers also obtained the email addresses of more than three million customers. Because the flaw was so easy to exploit, researchers kept the details under wraps to prevent further damage. After the breach, these apps disappeared from the internet, likely trying to avoid legal consequences rather than fixing security.<\/p>\n
Another case involved Spyhide, where a security researcher uncovered a decade of surveillance on tens of thousands of Android devices. The app\u2019s poorly secured backend let attackers access call logs, messages, and location data from tens of thousands of victims.<\/p>\n
The infamous mSpy monitoring app has suffered multiple leaks, with millions of records including personal documents and monitored activity exposed. Even high-profile users were found among its customers. Despite repeated breaches, mSpy\u2019s security remains weak, putting victims at ongoing risk.<\/p>\n
These cases highlight a harsh reality: Stalkerware companies put profits before privacy, leaving victims and users vulnerable to further harm. As these apps operate in legal grey areas, it’s important to stay alert about the dangers they bring.<\/p>\n
## Considering using a monitoring app?<\/p>\n
If you are thinking about installing such an app, and you are reading this:<\/p>\n
1. Don\u2019t!
2. Remember that using an app like this without the person’s permission is illegal in almost every country, unless it\u2019s done with consent of the government itself.
3. We have never heard of anyone who was able to solve a problem by using stalkerware. Usually resorting to stalkerware only makes it worse.
4. Consider the consequences of the person finding out what you did. The lack of security and repeated breaches of these apps demonstrate that it is a distinct possibility.
5. Listen to this podcast.<\/p>\n
Malwarebytes, as one of the founding members of the Coalition Against Stalkerware makes it a priority to detect and remove stalkerware from your device. It is good to keep in mind however that by removing the stalkerware you will alert the person spying on you that you know the app is there.<\/p>\n
## Check your exposure<\/p>\n
Unfortunately, breaches are an everyday occurrence. If you want to see how much of your personal data has been exposed online, Malwarebytes has a free tool that you can use to check. Submit your email address (it\u2019s best to give the one you most frequently use) to our free Digital Footprint scan and we\u2019ll give you a report and recommendations.<\/p>\n
SCAN NOW<\/p>\n
If you are looking for a way to remove stalkerware from your device, Malwarebytes Premium Security and Malwarebytes Mobile Security can help.\n<\/p><\/div>\n
View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"Security Update News Update Information Title Catwatchful “child monitoring” app exposes victims’ data Update ID MALWAREBYTES:076D2F259777FA4C0392F0E067E515BD Type malwarebytes Published 2025-07-03T12:23:28 Last Updated 2025-07-03T12:23:28 Security Impact…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,34,12,115,13,33,7,11,5],"class_list":["post-7526","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-00","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n
Catwatchful “child monitoring” app exposes victims’ data - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=7526\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Catwatchful “child monitoring” app exposes victims’ data - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title Catwatchful “child monitoring” app exposes victims’ data Update ID MALWAREBYTES:076D2F259777FA4C0392F0E067E515BD Type malwarebytes Published 2025-07-03T12:23:28 Last Updated 2025-07-03T12:23:28 Security Impact...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=7526\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-03T09:34:58+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7526#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7526\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Catwatchful “child monitoring” app exposes victims’ data\",\"datePublished\":\"2025-07-03T09:34:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7526\"},\"wordCount\":793,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-0.0\",\"exploit\",\"malwarebytes\",\"news\",\"NONE\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=7526#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7526\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7526\",\"name\":\"Catwatchful “child monitoring” app exposes victims’ data - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-07-03T09:34:58+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7526#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=7526\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7526#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Catwatchful “child monitoring” app exposes victims’ data\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Catwatchful “child monitoring” app exposes victims’ data - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=7526","og_locale":"en_US","og_type":"article","og_title":"Catwatchful “child monitoring” app exposes victims’ data - zero redgem","og_description":"Security Update News Update Information Title Catwatchful “child monitoring” app exposes victims’ data Update ID MALWAREBYTES:076D2F259777FA4C0392F0E067E515BD Type malwarebytes Published 2025-07-03T12:23:28 Last Updated 2025-07-03T12:23:28 Security Impact...","og_url":"https:\/\/zero.redgem.net\/?p=7526","og_site_name":"zero redgem","article_published_time":"2025-07-03T09:34:58+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=7526#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=7526"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Catwatchful “child monitoring” app exposes victims’ data","datePublished":"2025-07-03T09:34:58+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=7526"},"wordCount":793,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-0.0","exploit","malwarebytes","news","NONE","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=7526#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=7526","url":"https:\/\/zero.redgem.net\/?p=7526","name":"Catwatchful “child monitoring” app exposes victims’ data - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-07-03T09:34:58+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=7526#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=7526"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=7526#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Catwatchful “child monitoring” app exposes victims’ data"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/7526","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7526"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/7526\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7526"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7526"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7526"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}