5/7/2025–|Last update: 13:38 (Mecca time)
Security researcher Eric Degel managed to access the data of 62,000 user accounts registered in the application of a secret spy on “Android” through an easy -to -use vulnerability, according to the report of “Ars Technica” interested in technology and cybersecurity.
This application comes under the name “Catwatchful”, which is a monitoring and spy application that is installed in Android phones and works in the background to monitor the use of the phone and record everything that passes in front of it and its presentation to the user who installed it through the site designated for it.
The application also boasts that it works in the background completely without the observer user noticed, as this method justifies that it is intended to monitor children and use them for phones, so it must be not noticeable.
A promotional page of the application adds some advantages, such as the user’s inability to remove it from his phone or even notice it without using a secret code owned by the person who installed the application.
Of course, the application has raised the ire of many security experts and those interested in privacy because of the suspicious uses it may be directed against specific users and not only children as the application promotes, according to what was stated in the report.
Eric Degel, who was able to download the application database, indicated that it remains really hidden until you enter a special password that shows you the application and allows you to control and delete it.
Diegel explained that the vulnerability that he used was very easy and simple, as all that you must do is exploit the SQL injection vulnerability to be able to access the application directly and all the data stored in it.
The report added that Dayge was able to track the data of the company that owns the application and where to store its servers and accounts, but the initial service that hosted the application deleted all its data when Dijel communicated with it, and the service that the application transferred to the comment refused to comment about its legal status.
On the one handGoogleThe company has updated the security protection application for the Play App Store to discover any security tool similar to the Cat Watch Fle and delete it as soon as it was discovered.