Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Amazon will not say if it plans to take action against three phone surveillance applications that save individual phone data on Amazon’s cloud servers, TechCrunch notify TechCrunch a few weeks ago that it is hosting the stolen phone data.
Amazon told TechCrunch it was “the following” [its] The process after our February notice ”, however, as the time of publishing this article, Stackerware Operations cocrospi, Spike and Spyazi Amazon Web Services tend to upload and save expatrated photos from the People’s Phone.
Cocrospi, spikeAnd Spy A security researcher who has discovered it by sharing the same source code and a general protection bug, which is invented by three nearest-known Android applications, said it and provided TechCrunch details. Researchers have revealed that the operations have published phone data on a combined 1.5 million people, many of whom have no idea that their devices have been compromised. The researcher shared data with the breach notification site What have I been pwned?The
As part of our investigation in the stackerware operation, which included the applications themselves, the contents of the device compromised by the stallerware applications were uploaded by Amazon Web Services or AWS storage server.
TechCrunch informed Amazon on February 20 that it was hosting expatrated data by Cocospi and Spike and again this week when we informed Amazon it was also hosting the stolen phone data encouraged by Space.
Both emails include the name of each specific Amazon-hosted storage “bucket” in the TechCrunch so that the affected people have data taken from the phone.
In response, Amazon spokesperson Ryan Walsh TechCrunch tells: “There is a clear condition of AWS that our customers need to use our services with consent with applicable laws. When we get reports of our terms, we work fast to disable forbidden materials” “Walsh used a lot of action to take action by an abuse of a web. Will not comment on the status of the servers.
This week, in a follow-up email, TechCrunch mentions the previous email on February 20 so that Amazon-hosted storage bucket names were included.
In response, Walsh thanked TechCrunch for “to focus on us and provided another link to Amazon’s report abuse form.” When asked if Amazon planned to take action against the buckets, Walsh replied: “We have not yet received any abuse report from TechCrunch through the link provided.”
Amazon spokesperson Cassy McGie claimed that it would be wrong on TechCrunch to identify this thread of this thread as one [sic] To form a ‘report’ of any possible abuse. “
Amazon Web Services, which has a commercial interest in retaining customers, gained $ 39.8 billion in 2024 Earn 2024 full yearAmazon represents the majority of the total annual income.
Storage buckets used by cocospi, spike and Space are still active as time to publish.
Why is it important
Amazon’s own Acceptable use policy The company is extensively spelled out that the customer allows customers to host its platform. Amazon does not seem to debate spyware and stalkerware operations to upload data to its platform. Instead, Amazon’s dispute seems to be completely systematic.
This is not a journalist’s job – or someone else – the police has been hosted on the Amazon platform, or the cloud platform of any other organization.
Amazon has huge resources both financially and technically to use their own principles that bad actors are not abusing his service.
In the end, the TechCrunch provided the notice to Amazon, with information that directly stolen the stolen private phone data on the location of the trove. Amazon has made a choice for not working on the data obtained.
How did we host the Victims’ Data Amazon
When TechCrunch has learned a surveillance-related data violation- A few dozen stackers have been hacked and leaked in recent years – We investigate as much as we can to learn as much about the operation.
Could investigate us Help to identify the victims of those whose phone has been hackedHowever, surveillance operators themselves can also reveal the identities of the hidden real-world, as well as which platforms are used to simplify surveillance or host the stolen data for the victims. TechCrunch will analyze applications (where available) to assist the victims Determine how to identify and remove applicationsThe
As part of our reporting process, TechCrunch will deliver any organization to any organization that we identify as hosting or supporting spyware and stalkerware operations, such as standard practice for journalists mentioned in an organization in any story. It is also not unusual for companies Web host and payment processorTo suspend accounts or remove data Violation of their own services termsWith Previous spyware operations that have been hosted on AmazonThe
In February, TechCrunch learned that Kokospi and Spike were violated and we traveled to further investigation.
Since data has shown that most of the damage was owned by Android devices, the TechCrunch began to detect, download and install cocroscopy and spike applications on a virtual Android device. (A virtual device allows us to run stallerware applications in a protected sandbox without giving us any real-world data as our position)
We have used a network traffic analysis equipment to inspect the applications between and out of data, which can help determine how each application works and uploaded the key phone data from our test device.
Web traffic has shown that two Stallkerware applications are uploading data to some affected people like photos on the Amazon Web Services.
We login to the dashboards of CocosPi and Spike user, which lets the stackerware applications to see the stolen data of the target of the people that planted. Web dashboards allowed our virtual Android device to access the contents of the photo gallery once we deliberately compromised our virtual device with stickerware applications.
When we opened the contents of our device’s photo gallery from the web dashboard of each app, images loaded from the web addresses containing their respective buckets were hosted amazonaws.com Domain, which is governed by the Amazon Web Services.
Following the subsequent news of the Space Data violationTechCrunch has analyzed the Android application of Space by using a network analysis equipment and has considered traffic data as the same as cocospi and spike. The Spice app was similarly uploading the device’s device to the victim’s cloud in Amazon’s cloud, which we warned Amazon on March 10.
If you or someone you know requires help, National Domestic Violence Hotline (1-800-799-7233) provides the victims of domestic torture and violence 24/7 free, confidential assistance. If you are in an emergency situation please call 911. The Alliance against stalkerware If you think your phone is upset by spyware, there is resource.
