Surveillance apps Cocospy, Spyic, and Spyzie shut down following massive data breach

Three widely used stalkerware applications—Cocospy, Spyic, and Spyzie—have gone offline after a major data breach earlier this year exposed the personal data of millions of surveillance targets and the email addresses of those operating the spyware.

The shutdown follows a February disclosure by a security researcher who found that all three apps shared a critical vulnerability. The flaw allowed unauthorized access to private data—including messages, photos, call logs, and real-time location information—on any device with one of the apps installed. These surveillance tools were designed to operate covertly, often without the user’s knowledge, and remained invisible on the device’s home screen.

The researcher exploited the vulnerability to extract 3.2 million user email addresses and submitted them to the breach notification service Have I Been Pwned. These addresses belonged to individuals who had registered with the apps, typically to surreptitiously monitor another person’s phone activity.

Following reporting on the breach, the apps ceased functioning, their websites went offline, and associated Amazon-hosted cloud storage was removed. Attempts to reach the operators of the surveillance services were unsuccessful, and no official explanation has been provided for the shutdown.

Consumer-grade spyware operations frequently collapse or rebrand after security incidents, likely to mitigate legal exposure and reputational harm. The closures of Cocospy and its clones add to a growing list of surveillance apps—at least 25 since 2017, according to TechCrunch—that have been breached due to flawed security architecture. Ten of these, including Cocospy, have permanently shut down post-breach.

Although often marketed as parental monitoring tools, stalkerware apps are frequently misused for illegal surveillance of partners or spouses and are banned from mainstream app stores and advertising platforms. Hosting providers like Amazon also prohibit their use.

While Cocospy, Spyic, and Spyzie are now offline, experts advise individuals who suspect surveillance to check their devices. On Android phones, dialing 001 and pressing “call” can reveal hidden installations of these apps, which typically appear under the name “System Service.” From there, the spyware can be manually removed.