According to reports, Discord has shut down a website named Spy Pet that scraped Discord user data, including messages posted across servers, and sold it for crypto. Notably, Discord has also banned multiple accounts associated with the Spy Pet service, which has now gone offline.
As first highlighted by StackDiary and The Register, Spy.pet website has scraped data, including profiles and individual messages of over 620 million Discord users, and is selling them off for payments made in cryptocurrency. Furthermore, Spy.pet was found to be stealing connected social media accounts, including Steam accounts, and offering an 'enterprise option' for anyone looking to train an AI model based on Discord's library of messages.
As noted by 404 media, Discord has banned accounts associated with Spy.pet, which was previously scraping as many as 14,000 Discord servers, bringing the number down to 0 by April 25. Moreover, the Spy.pet site itself is dead.
A Discord representative said, "our Safety team has been diligently investigating this activity, and we identified certain accounts that we believe are affiliated with the Spy.pet website, which we have subsequently banned."
Reportedly, Spy Pet was selling scraped data, which includes messages on the servers, logs of what voice channels were used, join and exit times, etc., for as little as $5. Impacted servers include those of Minecraft, Among Us, and Runescape, as well as cryptocurrency.
A Spy.pet administrator (via a Telegram channel) confirmed to 404 Media, that they are banned from Discord but said that the server counter on the website is showing zero because of a change in Spy.pet's code. They also added that the removal of the website has nothing to do with Discord's action to ban them and the associated bots.
Spy.pet has also denied that they are a 'tool to be used for harassment', despite reportedly offering the scraped content to Kiwi Farms, a website known for stalking, and harassment. As StackDiary notes, Spy.pet's actions were a violation of the European Union's General Data Protection Regulation (GDPR), and the collection and sale of data from minors is a violation of the Children's Online Privacy Protection Act (COPPA) in the US.
0 Comments - Add comment