Spyware maker LetMeSpy to close shop after hacker trashes server; read full notice

In a stunning turn of events, LetMeSpy, a notorious spyware maker based in Poland, has announced its permanent shutdown after falling victim to a severe data breach in June. The devastating attack resulted in the complete wipeout of the company's servers, eradicating a vast trove of data stolen from thousands of victims' smartphones.

Hacker Erases Data, Leaving No Trace Behind

LetMeSpy, once infamous for its Android phone monitoring app that adeptly concealed itself on victims' home screens, making it exceptionally difficult to detect and remove, has now ceased all operations. The spyware service is scheduled to be completely offline by the end of August, with users already blocked from logging in or creating new accounts, according to a TechCrunch report.

Insights from Leaked Data

The breach, orchestrated by an unidentified hacker, involved unauthorized access to LetMeSpy's database. The attacker not only gained entry but also downloaded and purged data from the website, leaving no trace behind.

TechCrunch's network traffic analysis revealed that LetMeSpy's app is now completely defunct, and the spyware maker's website no longer provides access to the application for download purposes.

The shocking scope of LetMeSpy's espionage activities came to light when a copy of their database was obtained by DDoSecrets, a nonprofit transparency collective focused on indexing leaked datasets of public interest. The data indicated that, until recently, LetMeSpy had sensitive information from over 13,000 compromised Android devices worldwide. Curiously, the company had previously boasted control over more than 236,000 devices before the breach.

The Mysterious Developers Behind LetMeSpy

Further investigation into the spyware's origins revealed that it was developed by a tech company called Radeal, located in Krakow. Despite efforts to reach the chief executive, Rafal Lidwin, for comment, he remained silent on the matter.

LetMeSpy's demise marks the latest instance of spyware operations shuttering due to security incidents, exposing both victims' data and the identities of the malicious actors behind them. A previous example includes Spytrac, which had a massive database containing more than a million user records. Operated by Support King, the company had been banned from the surveillance industry by federal regulators in 2021 after failing to secure stolen data from their then-flagship spyware app, SpyFone.

Read full notice by LetMeSpy below:

Notice on permanent shutdown of letmespy.com website

Dear All,

We would like to kindly inform you that as of August 31, 2023, the letmespy.com website will cease operations, therefore we would like to provide you with some information.

User Accounts

Due to the data security incident that took place on June 21, 2023 (you can read the notices, regarding the breach, here), access to User Accounts was blocked, for security reasons. After that date, the LetMeSpy service was disabled, as well as the option to log into User Accounts and register new User Accounts on the site.

Contact information

If you wish to access the data available within your User Account, please contact us individually regarding this matter by September 30, 2023, at: ibd@radeal.pl

After the expiration of retention period under the applicable law, the data stored in User Accounts will be deleted.

LetMeSpy Website Administrator

The aftermath of this data breach serves as a grim reminder of the dangers posed by such malicious software, and it emphasizes the critical importance of safeguarding personal data and strengthening cybersecurity measures to protect against future attacks. As LetMeSpy fades into history, the digital landscape remains on high alert, vigilant against potential threats from other espionage entities lurking in the shadows, but the going is tough and much depends on individual users adopting safer habits. It is they who can actually make the difference.