FTC Enforces Lifetime Ban on Stalkerware Creator After Important Data Leak
Permanent Restriction on Surveillance Software Commerce
The U.S. Federal Trade Commission (FTC) has upheld its decision to permanently prohibit Scott Zuckerman, the founder of spyware companies Support king, spyfone, and OneClickMonitor, from participating in the surveillance software industry. This enforcement follows a major security breach that exposed sensitive information belonging both to customers and individuals targeted by these stalkerware applications.
Origins of the FTC’s Legal Action
Back in 2021, the FTC issued an order barring Zuckerman from marketing, selling, or promoting any form of surveillance apps or services. this effectively ended his ability to operate within this controversial sector. Additionally, he was required to erase all data collected through SpyFone and implement rigorous cybersecurity measures across his businesses.
The Trigger: A Massive Security Breach Uncovered
The ban stemmed from a 2018 revelation by a cybersecurity expert who found an unsecured amazon S3 storage bucket linked to SpyFone. This vulnerability exposed terabytes of private data including selfies, chat messages from multiple platforms, audio recordings, contact lists, location histories, hashed passwords, and login credentials-all accessible publicly without restrictions.
This incident affected over 44,000 unique email addresses connected with at least 2,200 active users and compromised data extracted from roughly 3,666 devices infected with SpyFone’s stalkerware.
Zuckerman’s Appeal rejected by FTC
In July 2025,Zuckerman petitioned the FTC seeking relief from these prohibitions. He claimed that adhering to mandated security protocols imposed financial hardships on his other ventures-mainly restaurant ownership and tourism projects in Puerto Rico-and insisted he no longer engaged in spyware operations.
The FTC denied this request decisively due to ongoing privacy concerns related to Zuckerman’s previous conduct and also evidence indicating attempts to bypass earlier restrictions.
proof of Continued Links with Stalkerware Activities
an inquiry revealed that less than one year after being banned,Zuckerman was allegedly involved with another stalkerware enterprise called SpyTrac. Leaked documents showed connections between freelance developers managing SpyTrac and infrastructure previously used by Support King. Disturbingly,the leaked files contained fragments of deleted spyfone records alongside access keys for OneClickMonitor cloud storage-both under Zuckerman’s control before enforcement actions were taken.
The Wider Consequences: Dangers Associated With Stalkerware Apps
Stalkerware programs allow covert tracking of smartphones without user consent,a practice fraught with legal challenges worldwide.In recent years,numerous companies producing such software have suffered breaches exposing millions of personal records online.In fact,in just under a decade at least 26 stalkerware providers have experienced hacks or accidental leaks compromising both customer privacy and those being monitored.
- User Privacy Risks: These applications frequently enough operate undetected,bypassing device owner awareness while collecting extensive personal information such as real-time location,social interactions,and multimedia content.
- Recurring Security Lapses: Frequent incidents reveal systemic negligence among stalkerware vendors regarding protection against cyberattacks or inadvertent exposure of sensitive data.
- Regulatory Ramifications: Agencies like the FTC are intensifying crackdowns due to these tools’ invasive nature and their potential misuse for harassment or abuse purposes.
A Cybersecurity Expert Weighs In on Enforcement Challenges
“Mr.Zuckerman’s efforts to resume operations under different names highlight blatant disregard for consumer protection laws,” stated Eva Galperin,c ybersecurity director at a prominent digital rights group.”This case illustrates why vigilant oversight is critical against entities exploiting technology for stalking.”
Tackling Persistent Threats From Malicious Monitoring Software
This situation highlights how regulatory bodies continue confronting emerging dangers posed by intrusive technologies masquerading as legitimate tools but primarily used for unauthorized spying.The persistence shown by offenders attempting workarounds underscores the need for strong enforcement combined with public education about risks tied to installing unknown monitoring apps on personal devices worldwide-especially relevant given global smartphone usage now exceeds six billion users.
