Software
Brazilian phone spyware was hacked and victims’ devices were ‘deleted’ from server
Portuguese-language WebDetetive spyware has compromised over 76,000 Android phones in South America, mostly in Brazil. WebDetetive is the latest phone spyware company hacked in recent months.
Unnamed hackers described how they exploited several security vulnerabilities to compromise WebDetetive’s servers and access its user databases in an undated note seen. The hackers said they enumerated and downloaded every dashboard record, including every customer’s email address, by exploiting other flaws in the spyware maker’s web dashboard, which abusers use to steal phone data.
The hackers said dashboard access allowed them to delete victim devices from the spyware network, severing the server connection to prevent data uploads. We definitely did. Because we could. Hackers wrote #fuckstalkerware in the note.
The spyware’s web dashboard cached over 1.5 gigabytes of data, including the note. That data included customer IP addresses and purchase history. The data also listed each customer’s compromised device, the spyware version running on the phone, and the data the spyware was collecting.
The cache did not contain victims’ phone contents.
DDoSecrets, a nonprofit transparency collective that indexes leaked and exposed datasets, gave the WebDetetive data for analysis.
WebDetetive had compromised 76,794 devices at the time of the breach. It also contained 74,336 unique customer email addresses, but WebDetetive does not verify email addresses when signing up, preventing meaningful analysis of the spyware’s customers.
The hackers of the WebDetetive breach did not provide contact information. Could not independently verify the hackers’ claim that it deleted victims’ devices from the network, but it did verify the stolen data by matching a selection of device identifiers in the cache against a publicly accessible endpoint on WebDetetive’s server.
WebDetetive is a phone monitoring app planted without consent, usually by someone who knows the phone’s passcode.
The spyware’s home screen icon changes after installation, making it hard to detect and remove. WebDetetive then stealthily uploads a person’s messages, call logs, phone call recordings, photos, ambient microphone recordings, social media apps, and real-time precise location data to its servers.
These “stalkerware” (or spouseware) apps have broad access to a victim’s personal and sensitive phone data, but spyware is notoriously buggy and shoddy, putting victims’ already-stolen data at risk.
Meet OwnSpy, WebDetetive
We know little about WebDetetive besides surveillance. Given the reputational and legal risks of spyware production and illegal surveillance, spyware makers often hide their identities. WebDetetive follows suit. Who owns and operates WebDetetive is not listed on its website.
The breached data reveals few details about WebDetetive’s administrators, but OwnSpy, another popular phone spying app, is its main source.
Since Apple and Google ban stalkerware apps from their app stores, downloaded the WebDetetive Android app from its website and planted it on a virtual device to analyze it in a sandbox without giving it real data, such as our location. The WebDetetive app was largely repackaged OwnSpy spyware after we ran a network traffic analysis to understand its data flow. WebDetetive’s user agent, which it sends to the server to identify itself, still called itself OwnSpy even though it was uploading our virtual device’s dummy data.
Mobile Innovations, led by Antonio Calatrava in Madrid, develops OwnSpy. OwnSpy claims to have 50,000 customers and has compromised 50,000 devices, but its website dates to 2010.
An archived copy of OwnSpy’s affiliates website shows that others can make a commission by promoting the app or offering “a new product to your clients” in exchange for a cut of the profits. No other operational links between OwnSpy and WebDetetive are known. Calatrava did not respond to a request for comment or WebDetetive administrator contact information.
OwnSpy’s infrastructure went offline shortly after we emailed Calatrava. In a separate network traffic analysis, Found that OwnSpy’s spyware app was briefly unusable at publication. WebDetetive’s app works.
Destructive attack?
WebDetetive is the second spyware maker to be hacked in recent months. After a hack exposed and deleted victims’ stolen phone data from LetMeSpy’s servers, Polish developer Rafal Lidwin shut down the spyware app. Lidwin refused to discuss the incident.
At least a dozen spyware companies have exposed, spilled, or otherwise compromised victims’ stolen phone data in recent years due to poor coding and easily exploitable security vulnerabilities, according to .
Couldn’t reach WebDetetive administrators for comment. A data breach email to WebDetetive’s support address, including whether the spyware maker has backups, went unanswered. If the spyware maker has the data or records to notify customers or victims of the data breach, it is unclear.
Despite their rarity, destructive attacks can harm spyware victims. Spyware alerts the abuser if the app stops working or is removed from a victim’s phone, and severing a connection without a safety plan could put spyware victims in danger. Those who suspect their phone is compromised can find resources on the Coalition Against Stalkerware website.
Find and remove WebDetetive
WebDetetive and OwnSpy disguise themselves as Android system-presenting Wi-Fi apps, unlike most phone monitoring apps.
WebDetetive is easy to spot. The app is called “WiFi” and has a white wireless icon in a blue circle on a white background.
Tap and hold to view app info; app is called “Sistema.”
If safe, our general guide can help you remove Android spyware from your phone. Google Play Protect can protect your device from malicious Android apps, so enable it. Google Play settings reveal its status.
Software
10 Essential Tips for Maximizing WhatsApp API Integration and Chatbot Efficiency
In today’s digital-first world, effective customer communication can make or break a business. As one of the most widely-used messaging platforms, WhatsApp offers businesses a unique opportunity to connect with customers in real-time. By leveraging WhatsApp API integration and WhatsApp chatbots, businesses can automate communication, streamline customer service, and create a more engaging experience. However, to make the most of these tools, it’s essential to use them strategically.
Here are 10 essential tips to help you maximize the efficiency of WhatsApp API integration and chatbots for your business.
1. Automate Routine Messages and Notifications
One of the biggest advantages of WhatsApp API integration is its ability to automate routine messages such as order confirmations, shipping updates, or appointment reminders. By setting up automated workflows, businesses can ensure that customers receive timely notifications without manual intervention.
Tip: Create automated messages for key touchpoints in the customer journey, such as post-purchase confirmations, service updates, or abandoned cart reminders.
Trick: Use triggers in your CRM or e-commerce platform to automatically send messages when specific customer actions occur, such as making a purchase or booking an appointment.
2. Use Personalization to Enhance Engagement
Personalization is key to building strong customer relationships. With WhatsApp API integration, businesses can personalize messages by using customer data from their CRM systems. Sending tailored communications based on previous purchases or user preferences increases engagement and makes the customer feel valued.
Tip: Integrate WhatsApp with your CRM to pull customer information such as names, purchase history, and preferences. Use this data to create personalized messages that resonate with your audience.
Trick: Segment your customer base and send targeted messages that cater to specific interests or behaviors, such as recommending products based on previous purchases or offering location-based promotions.
3. Set Up a Conversational Chatbot for 24/7 Support
Implementing a WhatsApp chatbot allows businesses to provide instant, round-the-clock support. Chatbots can handle FAQs, guide users through processes, and even assist with purchases, all without human intervention.
Tip: Program your chatbot to answer common queries such as store hours, order status, and return policies, ensuring customers get answers anytime they need them.
Trick: Include a “handoff” feature in your chatbot so it can seamlessly transfer complex issues to a human agent when needed. This ensures a smooth transition for customers who require personalized assistance.
4. Utilize Rich Media for a More Interactive Experience
WhatsApp allows businesses to send more than just text-based messages. Rich media such as images, videos, PDFs, and even audio messages can enhance customer interactions, making your communications more engaging.
Tip: Use WhatsApp to send product demo videos, promotional images, or interactive buttons that guide customers to your website or product pages.
Trick: Incorporate quick reply buttons or rich media elements in your chatbot to guide users through decision-making processes, such as product selection or booking services.
5. Leverage Multi-Language Support for Global Reach
If your business operates in multiple regions or serves a diverse audience, ensure your WhatsApp chatbot supports multi-language communication. This allows you to provide localized customer service and engage with users in their preferred language.
Tip: Design your chatbot to detect the user’s language based on their input or prompt them to select a language at the start of the conversation.
Trick: Regularly update your chatbot’s language database to include any new regions or dialects where your business is expanding, ensuring seamless customer service worldwide.
6. Track Key Metrics to Improve Performance
Analyzing the performance of your WhatsApp API and chatbot is crucial for making data-driven improvements. By tracking response times, customer satisfaction, and engagement rates, you can identify areas for optimization.
Tip: Set up analytics to monitor the performance of your WhatsApp communications, including open rates, response times, and customer interactions with your chatbot.
Trick: Use this data to continually refine your chatbot’s responses, ensuring they meet customer expectations and improve the overall experience.
7. Use Chatbots for Lead Generation and Qualification
WhatsApp chatbots can be powerful tools for capturing leads and qualifying potential customers. A well-designed chatbot can ask initial questions to determine whether a user is a good fit for your product or service, then pass along qualified leads to your sales team.
Tip: Program your chatbot to gather essential information such as customer needs, preferences, or budget, before passing the lead to a human agent for follow-up.
Trick: Use the chatbot to engage potential customers with product recommendations or special offers to encourage them to provide their contact details and enter your sales funnel.
8. Create a Clear Opt-In Process for Messaging
To comply with WhatsApp’s business policies, it’s important to ensure that users have opted in to receive messages from your business. Having a clear opt-in process not only ensures compliance but also builds trust with your customers.
Tip: Make it easy for customers to opt-in by including an opt-in request on your website, through social media, or at the point of sale.
Trick: Incentivize customers to opt-in by offering exclusive content, discounts, or promotions through WhatsApp. This increases the likelihood of gaining permission to message them directly.
9. Use Quick Replies for Faster Customer Support
Quick replies in WhatsApp allow businesses to provide customers with instant answers to common questions. This feature can significantly reduce response times and help streamline customer support.
Tip: Set up a library of quick replies for frequently asked questions (FAQs), such as return policies, product details, or payment methods.
Trick: Combine quick replies with your chatbot to provide a seamless, automated experience for users, ensuring they get accurate information in real time without having to wait for a human response.
10. Ensure Security and Compliance
Given that WhatsApp is used for sensitive customer interactions, ensuring data security and compliance with privacy regulations is critical. WhatsApp’s end-to-end encryption helps keep messages secure, but businesses must still follow best practices to maintain trust.
Tip: Only collect necessary customer data and ensure that it is stored securely in compliance with data protection regulations such as GDPR or CCPA.
Trick: Regularly review WhatsApp’s business policies and ensure your messaging processes are compliant. Avoid sending unsolicited or spammy messages, as this could result in account suspension.
Conclusion
By following these 10 essential tips, businesses can unlock the full potential of WhatsApp API integration and WhatsApp chatbots. From automating routine tasks and enhancing customer support to using data-driven insights for continuous improvement, these tools offer numerous opportunities to improve customer engagement, satisfaction, and business efficiency.
Software
The United States has prohibited the sale of Kaspersky software due to concerns about security risks originating from Russia
The United States government declared on Thursday its prohibition of the sale of Kaspersky antivirus within the nation and is urging American users of the software to transition to an alternative provider.
The Bureau of Industry and Security, a division of the Commerce Department, has implemented a unique ban on Kaspersky, claiming that the company, being headquartered in Russia, poses a threat to both U.S. national security and the privacy of its users.
Russia has demonstrated both the ability and the intention to utilize Russian companies, such as Kaspersky, to gather and weaponize the personal data of Americans. “Hence, we are obliged to undertake the course of action that we are currently implementing,” stated U.S. Commerce Secretary Gina Raimondo during a conference call with journalists.
Reuters was the first to report on the ban before it was officially announced. A representative from Kaspersky did not promptly reply to the inquiry for a comment.
Starting on July 20, Kaspersky will face a ban on selling its software to American consumers and businesses. However, the company will still be allowed to offer software and security updates to its current customers until September 29. Subsequently, Raimondo stated that Kaspersky would be prohibited from delivering software updates to customers in the United States.
“This implies that the quality of your software and services will decline.” Raimondo strongly advises finding an alternative to Kaspersky without delay.
Raimondo stated that U.S. consumers who are currently utilizing Kaspersky’s antivirus software are not in breach of any legal regulations.
Raimondo stated that individuals and businesses in the United States who currently use or have previously used Kaspersky products and services are not breaking the law, have not committed any wrongdoing, and will not face any legal consequences. “I strongly urge you to cease using that software and transition to an alternative as soon as possible to safeguard yourself, your data, and your family.”
Raimondo announced that the Department of Homeland Security and the Justice Department will collaborate to notify American consumers. Additionally, the U.S. government will establish a website to provide affected individuals with the necessary information to comprehend the rationale behind our actions and guide them in taking appropriate measures.
According to a high-ranking official from the U.S. Commerce Department, the federal cybersecurity agency CISA will engage in communication efforts with critical infrastructure organizations that rely on Kaspersky software in order to assist them in identifying alternative options. The official further stated that they have no intention of specifying any particular action by Kaspersky that prompted today’s decision. (The Commerce Department asked reporters not to reveal the official’s identity.)
The ban, which was announced on Thursday, represents the most recent intensification in a protracted sequence of measures taken by the U.S. government against Kaspersky, a company based in Moscow.
In September 2017, the Trump administration implemented a prohibition on the utilization of Kaspersky software by U.S. federal agencies due to concerns that the company may be coerced into assisting Russian intelligence agencies. In a previous report, it was disclosed that Russian state-sponsored hackers had illicitly acquired classified U.S. documents that were stored on the personal computer of an intelligence contractor. This breach occurred due to the use of Kaspersky’s antivirus software, making it the first documented case of espionage resulting from the use of this particular company’s software.
The Wall Street Journal reported in April 2023 that the decision to prohibit Kaspersky has been under development since last year.
According to the company itself, Kaspersky has more than 240,000 corporate clients globally and over 400 million individual customers. The senior official refrained from disclosing the exact number of U.S. customers that Kaspersky has. However, the official mentioned that there are a substantial number of customers, including critical infrastructure organizations as well as state and local government entities.
Android
Google Chrome now has a ‘picture-in-picture’ feature
Google is getting ready to make a big change to how its Chrome browser works. This is because new browsers from startups like Arc are making the market more competitive. The company said on Wednesday that it will be adding a new feature called “Minimized Custom Tabs” that will let users tap to switch between a native app and their web content. When you do this, the Custom Tab turns into a small window that floats above the content of the native app.
The new feature is all about using Custom Tabs, which is a feature in Android browsers that lets app developers make their own browser experience right in their app. Users don’t have to open their browser or a WebView, which doesn’t support all of the web platform’s features. Custom tabs let users stay in their app while browsing. Custom tabs can help developers keep users in their apps longer and keep them from leaving and never coming back.
If you make the Custom Tab into a picture-in-picture window, switching to the web view might feel more natural, like you’re still in the native app. People who send their customers to a website to sign up for accounts or subscriptions might also find this change useful, since it makes it easier for users to switch between the website and the native app.
After being shrunk down to the picture-in-picture window, the Custom Tab can be pushed to the side of the screen. Users can tap on a down arrow to bring the page back to the picture-in-picture window when it is full screen.
The new web experience comes at a time when Google is making it easier for Android users to connect to the web. People can find their way to the web with AI-powered features like Circle to Search and other integrations that let them do things like circle or highlight items.
The change is coming to the newest version of Chrome (M124), and developers who already use Chrome’s Custom Tabs will see it automatically. Google says that the change only affects Chrome browsers, but it hopes that other browser makers will add changes like these.
- Gadgets10 years ago
Why the Nexus 7 is still a good tablet in 2015
- Mobile Devices10 years ago
Samsung Galaxy Note 4 vs Galaxy Note 5: is there room for improvement?
- Editorials10 years ago
Samsung Galaxy Note 4 – How bad updates prevent people from enjoying their phones
- Mobile Devices9 years ago
Nexus 5 2015 and Android M born to be together
- Gaming10 years ago
New Teaser For Five Nights At Freddy’s 4
- Mobile Devices9 years ago
Google not releasing Android M to Nexus 7
- Gadgets10 years ago
Moto G Android 5.0.2 Lollipop still has a memory leak bug
- Mobile Devices9 years ago
Nexus 7 2015: Huawei and Google changing the game