Cybersecurity Researcher Uncovers Stalkerware Data Breach
Indicators of Stalkerware Include Unusual System Behaviour, Battery Drain, High Data Usage, Overheating, Unexpected Pop-Ups, Or Unfamiliar Apps

Cybersecurity researcher Jeremiah Fowler uncovered a non-password-protected, publicly accessible database containing 86,859 images of what appeared to be screenshots from a user’s device, apparently linked to Stalkerware targeting one individual. The database logged activity and chat conversations from Facebook, WhatsApp, Instagram, and TikTok accounts.
The exposed messages revealed private communications with models, influencers, and celebrities, including intimate exchanges and images never intended for public view. The database was named after a well-known spyware service promoted as monitoring software, but Fowler’s findings indicated it did not belong to the provider itself.
Upon review, Fowler identified the victim as a prominent European celebrity, entrepreneur, and media personality. The images captured conversations with influencers boasting millions of followers, as well as exchanges with friends, family, and business associates. Sensitive information such as phone numbers, emails, invoices, receipts, and identification documents was also exposed.
Unlike typical breaches involving companies or organisations, this case appeared to involve an individual who misconfigured access controls while storing images collected through malicious software. Fowler notified law enforcement and, using phone numbers found in the files, also informed the victim.
What Is Stalkerware, and Is It Legal?
Stalkerware is spyware installed on a phone, tablet, or computer to secretly monitor another person’s activities without their knowledge or consent. It can track location, read messages, record calls, access photos, and monitor social media. Some variants can even activate microphones or cameras.
Although marketed as monitoring tools, Stalkerware is often used for unauthorised surveillance. Victims rarely realise their private communications or locations are being tracked. The software can expose passwords, conversations, routines, and other aspects of digital life, leading to identity theft, blackmail, or physical threats.
In many countries, installing Stalkerware without consent is illegal. Laws in the EU, US, Canada, and Australia classify its use as a criminal offence, with penalties including fines and prison sentences of up to 10 years.
Technical Details
Stalkerware typically requests elevated permissions such as accessibility services or device administrator privileges, enabling it to monitor text messages, call logs, GPS data, photos, and app usage. It often disguises itself as system processes or hides icons to avoid detection. Data is transmitted to a cloud-based dashboard, allowing the perpetrator to view screenshots, location history, and other information in real time. Advanced variants may intercept notifications, capture keystrokes, or record audio.
Signs of Infection
Indicators of Stalkerware include unusual system behaviour, battery drain, high data usage, overheating, unexpected pop-ups, or unfamiliar apps. Devices may run slowly, restart unexpectedly, or show odd permission requests. Suspicious knowledge of your location or activities by others may also suggest surveillance.
Prevention and Removal
Preventing infection requires physical control of devices and strong digital security practices. Use strong passwords, biometric authentication, and multi-factor authentication. Keep systems updated, enable built-in protections, and install security software.
If Stalkerware is suspected, check installed apps, scan with antivirus tools, and review administrator and accessibility settings. A factory reset can often remove spyware, though restoring from compromised backups may reintroduce it. After resetting, reinstall apps only from official sources and change passwords for critical accounts. If harassment or safety concerns are involved, report the incident to authorities before removing the spyware to preserve evidence.
Raising Awareness
Fowler’s investigation highlights how invasive Stalkerware can be, capturing screenshots of private messages, social media activity, location data, and more. Although this case involves celebrities and influencers, everyday users are equally vulnerable.
“My goal in publishing these findings is to raise awareness about the risks posed by Stalkerware while protecting the identities of those involved,” Fowler said. “By showing real examples of what this type of software can capture, readers can better understand the seriousness of the privacy violations, ways to identify and protect themselves against it, and the potential harm it can cause.”
“This case highlights how easily personal communications and online interactions can be monitored when malicious software is present. My intention is to highlight these cybersecurity threats and provide guidance on how to identify and mitigate similar forms of digital surveillance.”



