Particle.news

Download on the App Store

Catwatchful Stalkerware Persists Online as Google Flags App and Probes Firebase

Google updated Play Protect to flag Catwatchful following its exposed database

Image
a blurred screenshot of Catwatchful's website
Digital illustration of an eye as an abstract representation Internet surveillance.

Overview

  • A security flaw in Catwatchful’s unauthenticated API exposed more than 62,000 customer email addresses and passwords along with data from 26,000 victim devices.
  • The spyware remained operational on its Google Firebase and HostGator servers after a brief suspension by its hosting provider.
  • Google has updated Play Protect to detect Catwatchful installations and is investigating possible Firebase terms-of-service violations.
  • Researcher Eric Daigle’s discovery also revealed the operator’s identity as Uruguay-based developer Omar Soca Charcov, who has not issued any public statement.
  • Catwatchful is the fifth known stalkerware operation to suffer a data spill this year, underscoring ongoing privacy and security risks of consumer-grade spyware.