Cocospy Stalkerware Apps Go Offline After Data Breach
In a significant blow to the world of phone surveillance, a trio of stalkerware apps - Cocospy, Spyic, and Spyzie - has gone offline following a massive data breach. These near-identical but differently branded apps allowed users to spy on millions of people's phones without their knowledge or consent.
Stalkerware apps are designed to stay hidden from device home screens, making them difficult to detect by their victims. However, this also means that the person who planted one of these apps on a target's phone had access to their personal data - including messages, photos, call logs, and real-time location data.
In February, a security researcher revealed that Cocospy and its clones share the same security flaw that allowed anyone to access the personal data of any device with one of the apps installed. This flaw also exposed the email address of every user who signed up for these spyware services, shedding light on the scale of the spying operations behind these apps.
The researcher used this bug to scrape 3.2 million email addresses of Cocospy, Spyic, and Spyzie customers who had signed up and provided those email addresses to the data breach notification site Have I Been Pwned. Following our reporting on the breach, the stalkerware apps have since stopped working, their websites disappeared, and their Amazon-hosted cloud storage was deleted.
It's not clear for what reason the stalkerware operations were shuttered. The operators could not be reached for comment. Consumer-grade phone surveillance operations are known to shut down or rebrand entirely following a hack or data breach, typically in an effort to escape legal and reputational fallout.
This incident is part of a growing list of dozens of phone surveillance operations that have been hacked or exposed their victims' data due to shoddy coding or poor security practices. At least 25 stalkerware operations have been breached since 2017, with at least 10 of those operations - including Cocospy - shutting down in the wake of a breach.
Phone-monitoring apps like Cocospy are often sold under the guise of parental control or tracking software, but are also referred to as "stalkerware" (or spouseware) for their propensity to be misused or explicitly marketed for spying on a person's spouse or partner without their consent, which is illegal.
As such, stalkerware apps are banned from app stores and are not allowed to advertise on search engines. Web hosts like Amazon claim to prohibit surveillance operations from using its platform.
Affected individuals should still take action to remove the spyware from their phones. To detect Cocospy, Spyic, and Spyzie on your Android phone, you can generally enter ✱✱001✱✱ on your phone app's keypad and then press the "call" button.
This backdoor feature prompts the hidden stalkerware apps to appear on-screen if they are installed. From here, you can delete the malicious app, which appears as a generic-looking app called “System Service,” from your device.
If you or someone you know needs help, the National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence. If you are in an emergency situation, call 911.
The Coalition Against Stalkerware has resources if you think your phone has been compromised by spyware. Experts from OpenAI, Anthropic, Cohere deliver exclusive insights across a must-attend industry event that you can attend for just $292. Google I/O 2025: How to watch all the AI and Android reveals
Resources:
The National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence.
The Coalition Against Stalkerware has resources if you think your phone has been compromised by spyware.
Experts from OpenAI, Anthropic, Cohere deliver exclusive insights across a must-attend industry event that you can attend for just $292. Google I/O 2025: How to watch all the AI and Android reveals