This week Twitter pushed sponsored tweets advertising a piece of spyware that is marketed to spy on a spouse. The advert heavily suggested the monitoring could be done without the subject's consent; it is illegal to use spyware in this way in the U.S.
"What is she hiding from you? Find our [sic] with mSpy!" the advert reads, according to a screenshot posted to Twitter. The ad is for "mSpy Lite Phone Tracker App."
The advert then shows some notifications a customer might expect if they used the product.
"Helen entered the Night Club," reads one. "Helen left the office," says another, as a man lays in bed reading the pop-ups.
Do you know anything else about the consumer spyware industry? Are you a victim of it? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on firstname.lastname@example.org, or email email@example.com.
As Motherboard has reported, this sort of malware is often used in abusive relationships to stalk, harass, and intimidate. It is linked to cases of sexual and physical violence. Hundreds of thousands of people have accounts with various consumer spyware services, according to datasets from various hacked spyware companies obtained by Motherboard.
In a statement, a Twitter spokesperson said the ad violated the site's terms of service.
"The app violates our Malware and Software Download Policy and will no longer be allowed to advertise on the platform," the spokesperson wrote. That policy says an app downloaded via Twitter must "have the express consent of users to software bundling," as well as "have transparent and user expected application behaviours." A piece of software designed to monitor someone without their consent would likely not meet either of these. The Twitter account itself behind the advert is still online.
Subscribe to our new cybersecurity podc__ast, CYBER.