Three prominent surveillance applications—Cocospy, Spyic, and Spyzie—have officially gone offline after being exposed for spying on millions of users. The shuttering of these platforms follows a massive security breach that laid bare the intrusive nature of their operations.
The Anatomy of the Breach
In February, a security researcher identified a critical vulnerability shared across all three platforms. This flaw allowed unauthorized individuals to access the personal data of any device running the software, including private messages, photos, call logs, and real-time GPS locations. Beyond the technical exposure, the vulnerability revealed the scale of these operations by leaking the email addresses of 3.2 million customers who had signed up to use the services for illicit monitoring.
The researcher cross-referenced these leaked credentials with the data breach notification site Have I Been Pwned to confirm the extent of the exposure. Shortly after these findings were publicized, the websites for Cocospy, Spyic, and Spyzie disappeared, and their Amazon-hosted cloud storage repositories were purged.
A Recurring Pattern of Failure
The sudden disappearance of these apps mirrors a trend in the stalkerware industry. Operators frequently dissolve their businesses or rebrand entirely following a hack to evade legal consequences and public scrutiny. Similar fates befell LetMeSpy in 2023 and the U.S.-based pcTattletale in 2024, both of which ceased operations after suffering significant security failures.
According to data, at least 25 stalkerware operations have been compromised since 2017, with at least 10 of those, including this recent trio, shutting down permanently in the immediate aftermath of a breach. Despite being marketed under the guise of “parental control,” these apps are widely classified as “stalkerware” or “spouseware” due to their frequent use in non-consensual surveillance, which is illegal.
How to Remove Hidden Spyware
While the servers for Cocospy, Spyic, and Spyzie are currently offline, the software may still reside on infected devices. Users concerned about their privacy should take immediate steps to audit their phones.
Steps to detect and delete:
- Access the hidden menu: On many Android devices, entering ✱✱001✱✱ into the phone’s keypad and pressing “call” may force hidden stalkerware to appear.
- Check for masqueraded apps: Look for an application labeled “System Service” or other generic system names that you do not recall installing.
- Uninstall: If found, delete the malicious application immediately to restore control over your device.
If you suspect your device has been compromised, resources are available. The Coalition Against Stalkerware provides expert guidance for victims. If you are experiencing domestic abuse or violence, contact the National Domestic Violence Hotline at 1-800-799-7233 for confidential support, or dial 911 in an emergency.