Particle.news
Download on the App Store
4 ARTICLES
·
last wk.

Catwatchful Stalkerware Database Remains Exposed as Google Flags Installations

Google Play Protect now flags Catwatchful installations after its exposed database of 62,000 customer accounts stayed accessible.

a blurred screenshot of Catwatchful's website
Digital illustration of an eye as an abstract representation Internet surveillance.

Overview

  • A misconfigured API still leaves Catwatchful’s database online, exposing over 62,000 customer credentials and private phone data from 26,000 victims.
  • Google Play Protect has been updated to detect and warn users about Catwatchful installations, and Firebase is under review for potential terms-of-service violations.
  • The operator’s account was briefly suspended by the initial hosting provider before the API resurfaced on HostGator, where it remains active.
  • Have I Been Pwned has been notified of the breach and is sending alerts to the exposed users.
  • Catwatchful is the fifth known stalkerware operation this year to suffer a data spill, highlighting the rapid growth of consumer spyware and challenges for platforms policing illicit surveillance services.